r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1cdc095521e9ee2606059be447d1fdd5
02b5d0a5b5823e2338daf7e144700babe2a213af
8bda3aabcf331c2bfcc4c7023cd797c760fd301dc353641bb95048e072f66c66
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8BDA3AABCF331C2BFCC4C7023CD797C760FD301DC353641BB95048E072F66C66"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4917
Expires: Sat, 04 Feb 2023 16:10:03 GMT
Date: Sat, 04 Feb 2023 14:48:06 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash c21ba65e44ac95470c314e068e49a9eb
17a13b13738993d889d4afa3d848dc63bf6eba64
9bd0795b30e84ce63b6e2a365ca91bbffc395dd955e112152066c31e63a4ab66
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9BD0795B30E84CE63B6E2A365CA91BBFFC395DD955E112152066C31E63A4AB66"
Last-Modified: Sat, 04 Feb 2023 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9309
Expires: Sat, 04 Feb 2023 17:23:15 GMT
Date: Sat, 04 Feb 2023 14:48:06 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Retry-After, Content-Length, Alert, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 04 Feb 2023 14:36:15 GMT
content-type: application/json
age: 711
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash fb7b6b46e708ad73eaaa3c21e74569ae
950663c025acad81556af5aa3022ecc9d55097fe
763f58b9fb838378c92033b59907b036f4c33081f5103d9bcc2ca2a8de500d64
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "763F58B9FB838378C92033B59907B036F4C33081F5103D9BCC2CA2A8DE500D64"
Last-Modified: Sat, 04 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16925
Expires: Sat, 04 Feb 2023 19:30:12 GMT
Date: Sat, 04 Feb 2023 14:48:07 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: XSYc6NfLTw5Yn+CoYwgLGhcCUt6IP6XOSbIdOloO+ap/GQfyqvXnUz2mNHmWdcUalC99TuCSebj4mwt7SMcxOg==
x-amz-request-id: GFGEM587YFC8SMN0
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 04 Feb 2023 13:52:51 GMT
age: 3316
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 14:48:07 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Expires, Content-Type, ETag, Last-Modified, Alert, Retry-After, Content-Length, Cache-Control, Pragma, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 04 Feb 2023 14:07:19 GMT
age: 2448
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
gmgifts.co.uk/admin.php
212.32.237.91302 Found 11 B IP 212.32.237.91:0
ASN #60781 LeaseWeb Netherlands B.V.
File type ASCII text, with no line terminators
Hash 32682312d17c7cbf18e73594f5570319
60e22121bdd0bc71cdb2bae2a3aa577006b2eae9
e55fb1a1d731153e943b68844af12dcce8bfac917c98ffdea64c80da0607dd47
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /admin.php HTTP/1.1
Host: gmgifts.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
cache-control: max-age=0, private, must-revalidate
connection: close
content-length: 11
date: Sat, 04 Feb 2023 14:48:07 GMT
location: http://orest-vlv.com/zcvisitor/ef7dc7b6-a49a-11ed-b3ed-0a6f53dd7f41/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=4fb4e190-e7f9-11ec-be3c-128084d1ce51
server: nginx
set-cookie: sid=ef6f4938-a49a-11ed-a201-191c6f28ab6c; path=/; domain=.gmgifts.co.uk; expires=Thu, 22 Feb 2091 18:02:14 GMT; max-age=2147483647; HttpOnly
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash dedf9c519ac38c4bece9c5bc895787d7
4911175c3f8a435978c5301c33c7a99a5e00a1d5
bddd7e3a4939f863642a7c5348c1c8b9bc569b35c10a27f4cf5ec71f7e6b9698
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BDDD7E3A4939F863642A7C5348C1C8B9BC569B35C10A27F4CF5EC71F7E6B9698"
Last-Modified: Fri, 03 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6401
Expires: Sat, 04 Feb 2023 16:34:48 GMT
Date: Sat, 04 Feb 2023 14:48:07 GMT
Connection: keep-alive
orest-vlv.com/zcvisitor/ef7dc7b6-a49a-11ed-b3ed-0a6f53dd7f41/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=4fb4e190-e7f9-11ec-be3c-128084d1ce51
52.7.54.238200 1.1 kB URL HTTP/1.1 orest-vlv.com/zcvisitor/ef7dc7b6-a49a-11ed-b3ed-0a6f53dd7f41/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=4fb4e190-e7f9-11ec-be3c-128084d1ce51
IP 52.7.54.238:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 64c2554284ae534433bac4ae9ca90d30
bd6885676313276cbac9b7b82ef99c2aed137f6b
81ca2672141c47df3d7dbe612dbebf81875b18fc5efd56df5ac8853045d47583
GET /zcvisitor/ef7dc7b6-a49a-11ed-b3ed-0a6f53dd7f41/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=4fb4e190-e7f9-11ec-be3c-128084d1ce51 HTTP/1.1
Host: orest-vlv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200
Date: Sat, 04 Feb 2023 14:48:07 GMT
Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline'
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
Server: UtTEqxsS
orest-vlv.com/zcredirect?visitid=ef7dc7b6-a49a-11ed-b3ed-0a6f53dd7f41&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false
52.7.54.238200 356 B URL HTTP/1.1 orest-vlv.com/zcredirect?visitid=ef7dc7b6-a49a-11ed-b3ed-0a6f53dd7f41&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false
IP 52.7.54.238:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash dff951d8989704b6acac7ade865dfe6e
571d6eadc331af7ce40c1cc4f28802544859fe2b
db93b2574984dd136408c0a3727589390d2b61b797902e1ce95dafd1fa5b7ae3
GET /zcredirect?visitid=ef7dc7b6-a49a-11ed-b3ed-0a6f53dd7f41&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false HTTP/1.1
Host: orest-vlv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://orest-vlv.com/zcvisitor/ef7dc7b6-a49a-11ed-b3ed-0a6f53dd7f41/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=4fb4e190-e7f9-11ec-be3c-128084d1ce51
Upgrade-Insecure-Requests: 1
HTTP/1.1 200
Date: Sat, 04 Feb 2023 14:48:07 GMT
Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline'
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
redirected: JS
Server: DlvGkLjH
push.services.mozilla.com/
52.25.208.227101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.25.208.227:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: kthW8Wpd/q2H0mXIs79xsg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 9OxA5Hs7EYvxxmCx6O5UeIZJnAI=
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ce8a902a1f46a50affdd5244f543eeba
bc1d1a24b50423dfa6091bb2b6750d21952a8855
4a1b2c481fc98653f808daecfdcd08dd5078745319bfd5491cc3ce2a9847ee33
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4A1B2C481FC98653F808DAECFDCD08DD5078745319BFD5491CC3CE2A9847EE33"
Last-Modified: Sat, 04 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10970
Expires: Sat, 04 Feb 2023 17:50:58 GMT
Date: Sat, 04 Feb 2023 14:48:08 GMT
Connection: keep-alive
clever-redirect.com/s/r6?s=623619497&s2=badious-buzzard&s3=delta-adz-vzywl487z0
78.46.197.88200 OK 347 B URL HTTP/2 clever-redirect.com/s/r6?s=623619497&s2=badious-buzzard&s3=delta-adz-vzywl487z0
IP 78.46.197.88:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (347), with no line terminators
Hash be9488273be6a0f665d580cceb4ba8e2
8936ca1d10cecc26804e00167c823a64ed33d8f2
4947b0340230b1acb9ff2838322cab28012ade080e56fb0948f82b9016d55eb5
GET /s/r6?s=623619497&s2=badious-buzzard&s3=delta-adz-vzywl487z0 HTTP/1.1
Host: clever-redirect.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://orest-vlv.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
referrer-policy: no-referrer
x-powered-by: PHP/7.4.27
set-cookie: 0dacbb728759aed52fd292d52436b13e=ed12c5fc1ea984a1643a72dc2b024fbf88f0bfce43b42f4d9d2b9f3f7d500d27a%3A2%3A%7Bi%3A0%3Bs%3A32%3A%220dacbb728759aed52fd292d52436b13e%22%3Bi%3A1%3Bs%3A1%3A%221%22%3B%7D; expires=Sun, 05-Feb-2023 14:48:08 GMT; Max-Age=86400; path=/; HttpOnly
content-length: 347
content-type: text/html; charset=UTF-8
date: Sat, 04 Feb 2023 14:48:08 GMT
server: Apache/2.4.52 (codeit) OpenSSL/1.1.1m PHP/7.4.27
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 9d3577535248a22a191aa7f7df09e58e
dc960fbcf81bb83715a414c5749191a97b938231
d6c35b1477ce7acd39c669843c62e30b8904edf8fe4494bfd7a434ccf00bafdc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D6C35B1477CE7ACD39C669843C62E30B8904EDF8FE4494BFD7A434CCF00BAFDC"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10588
Expires: Sat, 04 Feb 2023 17:44:36 GMT
Date: Sat, 04 Feb 2023 14:48:08 GMT
Connection: keep-alive
lookandfind.me/s/a?t=10&f=1&u=f4bdb01fc36e3f720c2a963a770625c6&m=birk.no&s1=623619497&s2=badious-buzzard&s3=delta-adz-vzywl487z0&s5=cf
5.9.110.29200 OK 941 B URL HTTP/1.1 lookandfind.me/s/a?t=10&f=1&u=f4bdb01fc36e3f720c2a963a770625c6&m=birk.no&s1=623619497&s2=badious-buzzard&s3=delta-adz-vzywl487z0&s5=cf
IP 5.9.110.29:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document, ASCII text, with very long lines (941), with no line terminators
Hash 3923308261d7f4c51f060e2b3a7758b3
63e2697da3339158c5b3e78af5b7371394d9de6d
71b4e5df834539c85220846dac47e1b0bdf672346cf06e8801b9b2a85fa9fc24
GET /s/a?t=10&f=1&u=f4bdb01fc36e3f720c2a963a770625c6&m=birk.no&s1=623619497&s2=badious-buzzard&s3=delta-adz-vzywl487z0&s5=cf HTTP/1.1
Host: lookandfind.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 14:48:08 GMT
Server: Apache/2.4.37 (centos) OpenSSL/1.1.1k
X-Powered-By: PHP/8.1.13
Set-Cookie: a54d8547d55dc68b81532abd5424096b=eb724a406d49d5bc205c54703d153c912f9a7f4cbf09bede351ca681d51c8ad4a%3A2%3A%7Bi%3A0%3Bs%3A32%3A%22a54d8547d55dc68b81532abd5424096b%22%3Bi%3A1%3Bs%3A1%3A%221%22%3B%7D; expires=Sun, 05-Feb-2023 14:48:08 GMT; Max-Age=86400; path=/; HttpOnly
Referrer-Policy: strict-origin-when-cross-origin
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
lookandfind.me/s/r?u=https%3A%2F%2Fapi.yadore.com%2Fv2%2Fr%3Fe%3DKzcwMmQ5eG1RbzJtaUhtRnNXZXRMdm8rMjE4WEtLcnpMRWl6bEtncDBOc1lCL2x4UDhNdnZPRFRaQWw5aEk3aGo5VHdDQU9rN0xNTFZBWlFPRGF4VkNYT2FnYWRQS0h2aGVleE1EUVlLcjBSdjMweTU5VGx0UzFJdXdFbUlrRzluTmp4TFIzS1BFSm1qcmJHbVRpRTdLN0hDUEY0ZHFpeFpOL0hwU0hKNXY2V3RObnRZaFBXem9OMlJBRzVLb3M4L25RcjV4cTRNeG1yUUN0M3NNSmx0RjF0c2lrcXFPd0t3aXZFMjc1bzhmTGdGZnFlbFQvWkVrN0g2SUVrNy9rVTJPTWFPRkRoWHJGTGpKancvblVQTm5qODNMWDRhdEVBdlVQcjdxNlFTeUgzVXkxUzRaUXp6SXZqSnl0QktYQW1TZ282ZnRXMW13RENoK2t4ZHVTRldsZEFudm0xbldXY0YyeVNiL25ONlliR1RMVEhmUTdLV1FzaWcrYjlEbDRqd3RCbG93WWZJT2JRVEg0dHZNdlNkK0VRcDFITHZXNndMUkRVOEE9PQ%3D%3D%26i%3DzwfJ%2FQIw8yOMRe2K%26placementId%3D7652dff2ed6df8549015e0bca2c91103&h=d47eb98262e7c9b27b7aa9384d8fd199
5.9.110.29200 OK 867 B URL HTTP/1.1 lookandfind.me/s/r?u=https%3A%2F%2Fapi.yadore.com%2Fv2%2Fr%3Fe%3DKzcwMmQ5eG1RbzJtaUhtRnNXZXRMdm8rMjE4WEtLcnpMRWl6bEtncDBOc1lCL2x4UDhNdnZPRFRaQWw5aEk3aGo5VHdDQU9rN0xNTFZBWlFPRGF4VkNYT2FnYWRQS0h2aGVleE1EUVlLcjBSdjMweTU5VGx0UzFJdXdFbUlrRzluTmp4TFIzS1BFSm1qcmJHbVRpRTdLN0hDUEY0ZHFpeFpOL0hwU0hKNXY2V3RObnRZaFBXem9OMlJBRzVLb3M4L25RcjV4cTRNeG1yUUN0M3NNSmx0RjF0c2lrcXFPd0t3aXZFMjc1bzhmTGdGZnFlbFQvWkVrN0g2SUVrNy9rVTJPTWFPRkRoWHJGTGpKancvblVQTm5qODNMWDRhdEVBdlVQcjdxNlFTeUgzVXkxUzRaUXp6SXZqSnl0QktYQW1TZ282ZnRXMW13RENoK2t4ZHVTRldsZEFudm0xbldXY0YyeVNiL25ONlliR1RMVEhmUTdLV1FzaWcrYjlEbDRqd3RCbG93WWZJT2JRVEg0dHZNdlNkK0VRcDFITHZXNndMUkRVOEE9PQ%3D%3D%26i%3DzwfJ%2FQIw8yOMRe2K%26placementId%3D7652dff2ed6df8549015e0bca2c91103&h=d47eb98262e7c9b27b7aa9384d8fd199
IP 5.9.110.29:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (867), with no line terminators
Hash 7077ccf05f70622897475275b49cb788
fda2cb20fecd4d3751df1fe8e2e7f9dc4b474b8d
1ef12a0f128920954bc1b51e121e569ce6f524cb9058fb46c0fb870a853825f6
GET /s/r?u=https%3A%2F%2Fapi.yadore.com%2Fv2%2Fr%3Fe%3DKzcwMmQ5eG1RbzJtaUhtRnNXZXRMdm8rMjE4WEtLcnpMRWl6bEtncDBOc1lCL2x4UDhNdnZPRFRaQWw5aEk3aGo5VHdDQU9rN0xNTFZBWlFPRGF4VkNYT2FnYWRQS0h2aGVleE1EUVlLcjBSdjMweTU5VGx0UzFJdXdFbUlrRzluTmp4TFIzS1BFSm1qcmJHbVRpRTdLN0hDUEY0ZHFpeFpOL0hwU0hKNXY2V3RObnRZaFBXem9OMlJBRzVLb3M4L25RcjV4cTRNeG1yUUN0M3NNSmx0RjF0c2lrcXFPd0t3aXZFMjc1bzhmTGdGZnFlbFQvWkVrN0g2SUVrNy9rVTJPTWFPRkRoWHJGTGpKancvblVQTm5qODNMWDRhdEVBdlVQcjdxNlFTeUgzVXkxUzRaUXp6SXZqSnl0QktYQW1TZ282ZnRXMW13RENoK2t4ZHVTRldsZEFudm0xbldXY0YyeVNiL25ONlliR1RMVEhmUTdLV1FzaWcrYjlEbDRqd3RCbG93WWZJT2JRVEg0dHZNdlNkK0VRcDFITHZXNndMUkRVOEE9PQ%3D%3D%26i%3DzwfJ%2FQIw8yOMRe2K%26placementId%3D7652dff2ed6df8549015e0bca2c91103&h=d47eb98262e7c9b27b7aa9384d8fd199 HTTP/1.1
Host: lookandfind.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: a54d8547d55dc68b81532abd5424096b=eb724a406d49d5bc205c54703d153c912f9a7f4cbf09bede351ca681d51c8ad4a%3A2%3A%7Bi%3A0%3Bs%3A32%3A%22a54d8547d55dc68b81532abd5424096b%22%3Bi%3A1%3Bs%3A1%3A%221%22%3B%7D
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 14:48:08 GMT
Server: Apache/2.4.37 (centos) OpenSSL/1.1.1k
X-Powered-By: PHP/8.1.13
Referrer-Policy: strict-origin-when-cross-origin
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash c6d35b24071ba496da4bd656896ee50c
defe27d91238ec6a7f01cc3e097db47f6accfdbc
bfe398621a204ba434a7cd6c64686a81fcc1a7812e6e6a66c4cc6fe5b3d4cf27
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BFE398621A204BA434A7CD6C64686A81FCC1A7812E6E6A66C4CC6FE5B3D4CF27"
Last-Modified: Sat, 04 Feb 2023 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6224
Expires: Sat, 04 Feb 2023 16:31:52 GMT
Date: Sat, 04 Feb 2023 14:48:08 GMT
Connection: keep-alive
status.thawte.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash fc8399d2b6c8a27d68174e0b051934d3
8789d9ca1ba34a098507624fb67d5692c4b3620c
b42da5151ce995246928081f6017299bcc74a2c6bdbf3f18e2168ce8d5f4b376
POST / HTTP/1.1
Host: status.thawte.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5496
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 14:48:08 GMT
Last-Modified: Sat, 04 Feb 2023 13:16:32 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
no-go.kelkoogroup.net/offersearchGo?.ts=1675519080242&.sig=6lY7ZaDvy7dH8DnfMKKQgCc_mwo-&affiliationId=96965886&comId=100508712&country=no&offerId=3d3e48f4cf621de7f365d3e60db53a54&service=37&tokenId=eef84b7f-8e19-45d1-adee-7c88767dc72d&wait=true&addedParams=true&custom1=6c50830229630c236b43a65078373be6c5164c9c6e8139c57fa7c23e75c40421&custom2=SRdytlITOR16&custom3=false
95.211.116.26200 OK 34 kB URL HTTP/1.1 no-go.kelkoogroup.net/offersearchGo?.ts=1675519080242&.sig=6lY7ZaDvy7dH8DnfMKKQgCc_mwo-&affiliationId=96965886&comId=100508712&country=no&offerId=3d3e48f4cf621de7f365d3e60db53a54&service=37&tokenId=eef84b7f-8e19-45d1-adee-7c88767dc72d&wait=true&addedParams=true&custom1=6c50830229630c236b43a65078373be6c5164c9c6e8139c57fa7c23e75c40421&custom2=SRdytlITOR16&custom3=false
IP 95.211.116.26:0
ASN #60781 LeaseWeb Netherlands B.V.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (12878)
Hash 7fa6b2dbbec13c4a2ec4940f4257ec16
5b909533e041066455909befc7d7242dbce7f317
9c25d18ca87dc98b6d50048a4c104b802c97ea0fb35810c754a02f22e81a80df
GET /offersearchGo?.ts=1675519080242&.sig=6lY7ZaDvy7dH8DnfMKKQgCc_mwo-&affiliationId=96965886&comId=100508712&country=no&offerId=3d3e48f4cf621de7f365d3e60db53a54&service=37&tokenId=eef84b7f-8e19-45d1-adee-7c88767dc72d&wait=true&addedParams=true&custom1=6c50830229630c236b43a65078373be6c5164c9c6e8139c57fa7c23e75c40421&custom2=SRdytlITOR16&custom3=false HTTP/1.1
Host: no-go.kelkoogroup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lookandfind.me/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
leadId: dc1-kls-prod-ls-03.prod.dc1.kelkoo.net_1675522088919_740171
clickId: 107698111_1675522088914_2908699
country: no
Accept-CH: Sec-CH-UA,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-Device-Memory
Set-Cookie: datadome=KHuH4gXrW7L1SWp_Cv-00F8iJowdbiPyL3KZU4kjtp1rZoZ5Sh4lTvPg4F2sKBJMq9oT-cpoYXAhFDsmlNmiIMXBE6Xs2QTdwfOwJbEwFe6gd8RwCnl6k-RF3_Duwy_; Max-Age=31536000; Expires=Sun, 04 Feb 2024 14:48:08 GMT; SameSite=Lax; Path=/; Domain=.kelkoogroup.net; Secure
kelkooID=a4c626f-1861ce61fd2-5d318; Max-Age=31536000; Expires=Sun, 04 Feb 2024 14:48:08 GMT; SameSite=None; Path=/; Domain=kelkoogroup.net; Secure; HTTPOnly
X-DataDome: protected
Request-Time: PT0.015412S
X-Robots-Tag: noindex,nofollow
Referrer-Policy: origin-when-cross-origin
X-Frame-Options: ALLOWALL
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: master-only
Date: Sat, 04 Feb 2023 14:48:08 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 34145
no-go.kelkoogroup.net/assets/images/p.png?country=no&k=612f7a9541cd6ea61eb554c0e4cff43705260665475808a76906ef58456f84b06938f53e402965cefe90bed95c85570ef9db5bbd06cdb07b8ea33e8400ee30d45e1e1a87453b4b0718164d6fb43549b4df96d4f6431915193b8cb423e9b00dc5631b0dc0a0685f1ca03c6f6698a9ef7524ad082925d29be6fd636fa324b747b57c1670bfba5f27f5b6b120e36516141721e8b95530c3160e5b0d440817ff1f1a610f5aa233240797ebe83ac7c370704e6be691f694ac25c472e59596a6544025846bf9c57a20597a73548f1843c1783693931c07181db5beb7f57358fb3f0915ffb2871dfd22be2cb0b6cadf8b3faa4bb1d1bff83b8c6a2d0943a38eed89716601f5ac15d46e3f20020717316bd017846a685e00c254088919764f92d26457aa29c3694079d352bc95604d5bf1feffaae5df7b03e11b58264605baa27261691a44a6a8eb36434aae33dead5bf9cbcc8e044c535b58dcb959992031f1d2469ad7a0f240aaa78bfc7a572a7506d50da79c0e93c1650f8a11fd63f82e26771cc263e9219b1d39a08c9b
95.211.116.26200 OK 68 B URL HTTP/1.1 no-go.kelkoogroup.net/assets/images/p.png?country=no&k=612f7a9541cd6ea61eb554c0e4cff43705260665475808a76906ef58456f84b06938f53e402965cefe90bed95c85570ef9db5bbd06cdb07b8ea33e8400ee30d45e1e1a87453b4b0718164d6fb43549b4df96d4f6431915193b8cb423e9b00dc5631b0dc0a0685f1ca03c6f6698a9ef7524ad082925d29be6fd636fa324b747b57c1670bfba5f27f5b6b120e36516141721e8b95530c3160e5b0d440817ff1f1a610f5aa233240797ebe83ac7c370704e6be691f694ac25c472e59596a6544025846bf9c57a20597a73548f1843c1783693931c07181db5beb7f57358fb3f0915ffb2871dfd22be2cb0b6cadf8b3faa4bb1d1bff83b8c6a2d0943a38eed89716601f5ac15d46e3f20020717316bd017846a685e00c254088919764f92d26457aa29c3694079d352bc95604d5bf1feffaae5df7b03e11b58264605baa27261691a44a6a8eb36434aae33dead5bf9cbcc8e044c535b58dcb959992031f1d2469ad7a0f240aaa78bfc7a572a7506d50da79c0e93c1650f8a11fd63f82e26771cc263e9219b1d39a08c9b
IP 95.211.116.26:0
ASN #60781 LeaseWeb Netherlands B.V.
File type PNG image data, 1 x 1, 8-bit gray+alpha, non-interlaced\012- data
Hash 91e42db1c66c0b276abf6234dc50b2eb
c1986af3c26609b8b7d8933f99c51c1a89e9ea6b
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
GET /assets/images/p.png?country=no&k=612f7a9541cd6ea61eb554c0e4cff43705260665475808a76906ef58456f84b06938f53e402965cefe90bed95c85570ef9db5bbd06cdb07b8ea33e8400ee30d45e1e1a87453b4b0718164d6fb43549b4df96d4f6431915193b8cb423e9b00dc5631b0dc0a0685f1ca03c6f6698a9ef7524ad082925d29be6fd636fa324b747b57c1670bfba5f27f5b6b120e36516141721e8b95530c3160e5b0d440817ff1f1a610f5aa233240797ebe83ac7c370704e6be691f694ac25c472e59596a6544025846bf9c57a20597a73548f1843c1783693931c07181db5beb7f57358fb3f0915ffb2871dfd22be2cb0b6cadf8b3faa4bb1d1bff83b8c6a2d0943a38eed89716601f5ac15d46e3f20020717316bd017846a685e00c254088919764f92d26457aa29c3694079d352bc95604d5bf1feffaae5df7b03e11b58264605baa27261691a44a6a8eb36434aae33dead5bf9cbcc8e044c535b58dcb959992031f1d2469ad7a0f240aaa78bfc7a572a7506d50da79c0e93c1650f8a11fd63f82e26771cc263e9219b1d39a08c9b HTTP/1.1
Host: no-go.kelkoogroup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://no-go.kelkoogroup.net/offersearchGo?.ts=1675519080242&.sig=6lY7ZaDvy7dH8DnfMKKQgCc_mwo-&affiliationId=96965886&comId=100508712&country=no&offerId=3d3e48f4cf621de7f365d3e60db53a54&service=37&tokenId=eef84b7f-8e19-45d1-adee-7c88767dc72d&wait=true&addedParams=true&custom1=6c50830229630c236b43a65078373be6c5164c9c6e8139c57fa7c23e75c40421&custom2=SRdytlITOR16&custom3=false
Connection: keep-alive
Cookie: datadome=KHuH4gXrW7L1SWp_Cv-00F8iJowdbiPyL3KZU4kjtp1rZoZ5Sh4lTvPg4F2sKBJMq9oT-cpoYXAhFDsmlNmiIMXBE6Xs2QTdwfOwJbEwFe6gd8RwCnl6k-RF3_Duwy_; kelkooID=a4c626f-1861ce61fd2-5d318
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
leadId: dc1-kls-prod-ls-03.prod.dc1.kelkoo.net_1675522088919_740171
clickId: 107698111_1675522088914_2908699
country: no
Request-Time: PT0.001623S
X-Robots-Tag: noindex,nofollow
Cache-Control: private, must-revalidate
Referrer-Policy: origin-when-cross-origin
X-Frame-Options: ALLOWALL
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: master-only
Date: Sat, 04 Feb 2023 14:48:09 GMT
Content-Type: image/png
Content-Length: 68
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash c14d3cf8ade0150a711f094be32ac474
11e7fb5487d364c5392e1594e09f5b49831043ea
2a98ce39894b7d9befdba3916467bc95962376d0b308103e0a1eea36c0bc2302
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A98CE39894B7D9BEFDBA3916467BC95962376D0B308103E0A1EEA36C0BC2302"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3966
Expires: Sat, 04 Feb 2023 15:54:15 GMT
Date: Sat, 04 Feb 2023 14:48:09 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash c14d3cf8ade0150a711f094be32ac474
11e7fb5487d364c5392e1594e09f5b49831043ea
2a98ce39894b7d9befdba3916467bc95962376d0b308103e0a1eea36c0bc2302
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A98CE39894B7D9BEFDBA3916467BC95962376D0B308103E0A1EEA36C0BC2302"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3966
Expires: Sat, 04 Feb 2023 15:54:15 GMT
Date: Sat, 04 Feb 2023 14:48:09 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash c14d3cf8ade0150a711f094be32ac474
11e7fb5487d364c5392e1594e09f5b49831043ea
2a98ce39894b7d9befdba3916467bc95962376d0b308103e0a1eea36c0bc2302
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A98CE39894B7D9BEFDBA3916467BC95962376D0B308103E0A1EEA36C0BC2302"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3966
Expires: Sat, 04 Feb 2023 15:54:15 GMT
Date: Sat, 04 Feb 2023 14:48:09 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash c14d3cf8ade0150a711f094be32ac474
11e7fb5487d364c5392e1594e09f5b49831043ea
2a98ce39894b7d9befdba3916467bc95962376d0b308103e0a1eea36c0bc2302
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A98CE39894B7D9BEFDBA3916467BC95962376D0B308103E0A1EEA36C0BC2302"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3966
Expires: Sat, 04 Feb 2023 15:54:15 GMT
Date: Sat, 04 Feb 2023 14:48:09 GMT
Connection: keep-alive
no-go.kelkoogroup.net/fp?country=no&k=612f7a9541cd6ea61eb554c0e4cff43705260665475808a76906ef58456f84b06938f53e402965cefe90bed95c85570ef9db5bbd06cdb07b8ea33e8400ee30d45e1e1a87453b4b0718164d6fb43549b4df96d4f6431915193b8cb423e9b00dc5631b0dc0a0685f1ca03c6f6698a9ef7524ad082925d29be6fd636fa324b747b57c1670bfba5f27f5b6b120e36516141721e8b95530c3160e5b0d440817ff1f1a610f5aa233240797ebe83ac7c370704e6be691f694ac25c472e59596a6544025846bf9c57a20597a73548f1843c1783693931c07181db5beb7f57358fb3f0915ffb2871dfd22be2cb0b6cadf8b3faa4bb1d1bff83b8c6a2d0943a38eed89716601f5ac15d46e3f20020717316bd017846a685e00c254088919764f92d26457aa29c3694079d352bc95604d5bf1feffaae5df7b03e11b58264605baa27261691a44a6a8eb36434aae33dead5bf9cbcc8e044c535b58dcb959992031f1d2469ad7a0f240aaa78bfc7a572a7506d50da79c0e93c1650f8a11fd63f82e26771cc263e9219b1d39a08c9b
95.211.116.26200 OK 0 B URL HTTP/1.1 no-go.kelkoogroup.net/fp?country=no&k=612f7a9541cd6ea61eb554c0e4cff43705260665475808a76906ef58456f84b06938f53e402965cefe90bed95c85570ef9db5bbd06cdb07b8ea33e8400ee30d45e1e1a87453b4b0718164d6fb43549b4df96d4f6431915193b8cb423e9b00dc5631b0dc0a0685f1ca03c6f6698a9ef7524ad082925d29be6fd636fa324b747b57c1670bfba5f27f5b6b120e36516141721e8b95530c3160e5b0d440817ff1f1a610f5aa233240797ebe83ac7c370704e6be691f694ac25c472e59596a6544025846bf9c57a20597a73548f1843c1783693931c07181db5beb7f57358fb3f0915ffb2871dfd22be2cb0b6cadf8b3faa4bb1d1bff83b8c6a2d0943a38eed89716601f5ac15d46e3f20020717316bd017846a685e00c254088919764f92d26457aa29c3694079d352bc95604d5bf1feffaae5df7b03e11b58264605baa27261691a44a6a8eb36434aae33dead5bf9cbcc8e044c535b58dcb959992031f1d2469ad7a0f240aaa78bfc7a572a7506d50da79c0e93c1650f8a11fd63f82e26771cc263e9219b1d39a08c9b
IP 95.211.116.26:0
ASN #60781 LeaseWeb Netherlands B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /fp?country=no&k=612f7a9541cd6ea61eb554c0e4cff43705260665475808a76906ef58456f84b06938f53e402965cefe90bed95c85570ef9db5bbd06cdb07b8ea33e8400ee30d45e1e1a87453b4b0718164d6fb43549b4df96d4f6431915193b8cb423e9b00dc5631b0dc0a0685f1ca03c6f6698a9ef7524ad082925d29be6fd636fa324b747b57c1670bfba5f27f5b6b120e36516141721e8b95530c3160e5b0d440817ff1f1a610f5aa233240797ebe83ac7c370704e6be691f694ac25c472e59596a6544025846bf9c57a20597a73548f1843c1783693931c07181db5beb7f57358fb3f0915ffb2871dfd22be2cb0b6cadf8b3faa4bb1d1bff83b8c6a2d0943a38eed89716601f5ac15d46e3f20020717316bd017846a685e00c254088919764f92d26457aa29c3694079d352bc95604d5bf1feffaae5df7b03e11b58264605baa27261691a44a6a8eb36434aae33dead5bf9cbcc8e044c535b58dcb959992031f1d2469ad7a0f240aaa78bfc7a572a7506d50da79c0e93c1650f8a11fd63f82e26771cc263e9219b1d39a08c9b HTTP/1.1
Host: no-go.kelkoogroup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://no-go.kelkoogroup.net/offersearchGo?.ts=1675519080242&.sig=6lY7ZaDvy7dH8DnfMKKQgCc_mwo-&affiliationId=96965886&comId=100508712&country=no&offerId=3d3e48f4cf621de7f365d3e60db53a54&service=37&tokenId=eef84b7f-8e19-45d1-adee-7c88767dc72d&wait=true&addedParams=true&custom1=6c50830229630c236b43a65078373be6c5164c9c6e8139c57fa7c23e75c40421&custom2=SRdytlITOR16&custom3=false
Content-Type: text/plain;charset=utf-8
Content-Length: 536
Origin: https://no-go.kelkoogroup.net
Connection: keep-alive
Cookie: datadome=KHuH4gXrW7L1SWp_Cv-00F8iJowdbiPyL3KZU4kjtp1rZoZ5Sh4lTvPg4F2sKBJMq9oT-cpoYXAhFDsmlNmiIMXBE6Xs2QTdwfOwJbEwFe6gd8RwCnl6k-RF3_Duwy_; kelkooID=a4c626f-1861ce61fd2-5d318; _ga=GA1.2.622450952.1675522124; _gid=GA1.2.312500999.1675522124
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
leadId: dc1-kls-prod-ls-03.prod.dc1.kelkoo.net_1675522088919_740171
clickId: 107698111_1675522088914_2908699
country: no
Request-Time: PT0.003341S
X-Robots-Tag: noindex,nofollow
Referrer-Policy: origin-when-cross-origin
X-Frame-Options: ALLOWALL
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: master-only
Date: Sat, 04 Feb 2023 14:48:09 GMT
Content-Type: text/plain; charset=UTF-8
Content-Length: 0
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcae6042d-d677-4e39-b4e4-858988eb847b.jpeg
34.120.237.76200 OK 9.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcae6042d-d677-4e39-b4e4-858988eb847b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f7101f6e43855cb76ce48271a847ffbd
8e674830a97d8ce3818132fda197db4f0289d316
e78a83a4024e238bcdec3b9c4d5c12a99f49aabd57e34952f6a4cc8ed4422f55
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcae6042d-d677-4e39-b4e4-858988eb847b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9141
x-amzn-requestid: ed7db574-6bca-4f3e-8879-c3e836549339
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyD8zE5lIAMF1HA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd8051-4480112f11d4ced0037d1ad8;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:44:49 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: aKr85ooofBPeKkeJIDO5W_X5Rn6xnJlRHmVrs8tgBMYe3HQhobsm3w==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 32c16f33c8f5601364fa8229b0d74dc2.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 21:56:07 GMT
age: 60722
etag: "8e674830a97d8ce3818132fda197db4f0289d316"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6c7026-85a2-4419-bd6b-ba1bac463dda.jpeg
34.120.237.76200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6c7026-85a2-4419-bd6b-ba1bac463dda.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6661b7263315f5eb3cd2465f671e1fcd
b7b5831c6b3ccc41d7a980b6088adc10ff8785f1
eb25507950d81db4b54a1af7fadaceee1bcff780eb28b6a04dbfb3886785f5b7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6c7026-85a2-4419-bd6b-ba1bac463dda.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8527
x-amzn-requestid: 6a8c6487-6069-47d1-afa1-648626f85439
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyDqqGg5oAMFV-A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd7fdd-0a772cde1e6fba6d7da97435;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:42:53 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: CHWhIpyzhoPtMUplzh1430Q9FfCM1wkTc_hQsgQk6InM9tYBPGYnNg==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:05:44 GMT
age: 60145
etag: "b7b5831c6b3ccc41d7a980b6088adc10ff8785f1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F10640252-429d-4110-bf18-1908ac233402.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F10640252-429d-4110-bf18-1908ac233402.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 392b61306c346508d3ac4a2f28218f9c
d2de32b52e0d3f4fc6acaf687b3521294b01dc03
018712a4d6734b84ac1777124f97dae4d93b1e5b297a5dcfe0955b52710b8a35
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F10640252-429d-4110-bf18-1908ac233402.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10253
x-amzn-requestid: a90cb6b3-8a72-4b4b-b4f5-6dafc8c6752a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyD7GGv5IAMFu8A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd8046-3ca59e7c52800a4e44bda8fd;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:44:38 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: jBxNmhfAeUgxg8w4XpQHZ1QoN9GatdUV7V7r2tHd7YePJYPHpesd2Q==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:05:21 GMT
age: 60168
etag: "d2de32b52e0d3f4fc6acaf687b3521294b01dc03"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5c030376-7935-4601-969c-86a91f4f5e85.jpeg
34.120.237.76200 OK 7.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5c030376-7935-4601-969c-86a91f4f5e85.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d7afd5ce8fb9ec7b62e528bf97705e49
afbf22f5d8f54adcb00e8980a9b22f2c5b6703c3
b2d93ba6c0ed2c858d91afba1c81251afbffa41c779be2e9203994dcfb7bbc9d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5c030376-7935-4601-969c-86a91f4f5e85.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7249
x-amzn-requestid: 007ce521-ed5c-4074-a314-684ad0df2e22
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyD9GH5goAMF_ag=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd8053-7060f02b767c90371991a190;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:44:51 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 5fTV_e56nzjiXo4Guu67WXDDvp3nrjB0Yfyy6ByjcDSx23J-8r0fmQ==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 a847181d425b7fc57e81eb3c800bfdf2.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:10:21 GMT
age: 59868
etag: "afbf22f5d8f54adcb00e8980a9b22f2c5b6703c3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F64144d1c-f524-496f-8b52-ba63714dbfc5.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F64144d1c-f524-496f-8b52-ba63714dbfc5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e366b32074025aaf60bbae8bdb08d330
a52c2883bad98fa20333aa639a5dd3a5bf544c8e
9d661c26effaec9efee16833f6459d6ecbe4f77b822c9c46e2a6433bda816e5c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F64144d1c-f524-496f-8b52-ba63714dbfc5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11565
x-amzn-requestid: 87a84ffd-1176-4656-aac4-e98f38ec2cd9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fboIrFGboAMFyyQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d48704-162ed8114aa1809204500548;Sampled=0
x-amzn-remapped-date: Sat, 28 Jan 2023 02:23:00 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: lsQxPtozrh2Ty1T-3d-1crDfi8HgVKRafOXb1UFl033bCx3kAzTS7w==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Sat, 04 Feb 2023 06:20:04 GMT
age: 30485
etag: "a52c2883bad98fa20333aa639a5dd3a5bf544c8e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ec84086-8ac2-4887-bc81-86003255ab99.jpeg
34.120.237.76200 OK 5.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ec84086-8ac2-4887-bc81-86003255ab99.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e5b4e4f15da3323c73974c3f1cdb5d74
1f14971d0cf979cc34ff191849dc43d86e8ac463
5893d7e5b2fd9de92829b303c42d0c07ff32b3f6b8705b6f5b4a784315c8808e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ec84086-8ac2-4887-bc81-86003255ab99.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5174
x-amzn-requestid: 35630c70-3bad-47b4-94bb-09c873632194
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyD7EFAHIAMFQQQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd8046-317b1fbb3bee0f377697bf3d;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:44:38 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: OD5cy75AkNMwTIvIool2nKbKgr5Jpo1Plm_X_YPr3rdPbg86_V2fdA==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:00:26 GMT
age: 60463
etag: "1f14971d0cf979cc34ff191849dc43d86e8ac463"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ca92cdfb40a34612165ddedefe062595
b4976b7f680d4f33430171c7f6790e308736f30d
29e4e7c6c080e88feac91e18a297d27aa9dae053f8b858db4bb70fc79cbd7946
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "29E4E7C6C080E88FEAC91E18A297D27AA9DAE053F8B858DB4BB70FC79CBD7946"
Last-Modified: Sat, 04 Feb 2023 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4589
Expires: Sat, 04 Feb 2023 16:04:38 GMT
Date: Sat, 04 Feb 2023 14:48:09 GMT
Connection: keep-alive
dd.kelkoogroup.net/tags.js
54.230.111.25200 OK 43 kB URL HTTP/2 dd.kelkoogroup.net/tags.js
IP 54.230.111.25:0
File type ASCII text, with very long lines (65432)
Hash 75fee8645619b669e05eed0d332fb9ee
af9095cc20ce8f8d14052e87efb9de31fe43e803
e0f62f765af751d53cd8b045736f95f2d417c2ee9919c40a4ead1b0d6520f92e
GET /tags.js HTTP/1.1
Host: dd.kelkoogroup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://no-go.kelkoogroup.net/
Connection: keep-alive
Cookie: datadome=KHuH4gXrW7L1SWp_Cv-00F8iJowdbiPyL3KZU4kjtp1rZoZ5Sh4lTvPg4F2sKBJMq9oT-cpoYXAhFDsmlNmiIMXBE6Xs2QTdwfOwJbEwFe6gd8RwCnl6k-RF3_Duwy_; kelkooID=a4c626f-1861ce61fd2-5d318
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
content-type: text/javascript
content-length: 42836
server: Apache
strict-transport-security: max-age=63072000; includeSubDomains; preload
last-modified: Wed, 01 Feb 2023 11:10:44 GMT
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
via: 1.1 f7e6fd9466c5c2a3b15f0fb077de1afa.cloudfront.net (CloudFront), 1.1 98794c1dec0d4e7b10ddf0faa094cf94.cloudfront.net (CloudFront)
date: Sat, 04 Feb 2023 14:11:31 GMT
cache-control: max-age=3600, public
expires: Sat, 04 Feb 2023 14:11:32 GMT
etag: "33404-5f3a17fded07d-gzip"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA60-P2, OSL50-P1
x-amz-cf-id: PAaQV0rPqksO0EfM5xgW9r7myI5pwfgtgakZWNyvBEr2SoGeKsS4jQ==
age: 2198
X-Firefox-Spdy: h2
no-go.kelkoogroup.net/favicon.ico
95.211.116.26404 Not Found 1.1 kB URL HTTP/1.1 no-go.kelkoogroup.net/favicon.ico
IP 95.211.116.26:0
ASN #60781 LeaseWeb Netherlands B.V.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 8560de521c4990c7c870121fc9643508
0cacf7a6b96cceeb6ceae74d5f14dc87406a6f39
73a434285c3a752bc8c44aebd50e10f1a766853cbc7184e78d5c934c7b52b620
GET /favicon.ico HTTP/1.1
Host: no-go.kelkoogroup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://no-go.kelkoogroup.net/offersearchGo?.ts=1675519080242&.sig=6lY7ZaDvy7dH8DnfMKKQgCc_mwo-&affiliationId=96965886&comId=100508712&country=no&offerId=3d3e48f4cf621de7f365d3e60db53a54&service=37&tokenId=eef84b7f-8e19-45d1-adee-7c88767dc72d&wait=true&addedParams=true&custom1=6c50830229630c236b43a65078373be6c5164c9c6e8139c57fa7c23e75c40421&custom2=SRdytlITOR16&custom3=false
Connection: keep-alive
Cookie: datadome=KHuH4gXrW7L1SWp_Cv-00F8iJowdbiPyL3KZU4kjtp1rZoZ5Sh4lTvPg4F2sKBJMq9oT-cpoYXAhFDsmlNmiIMXBE6Xs2QTdwfOwJbEwFe6gd8RwCnl6k-RF3_Duwy_; kelkooID=a4c626f-1861ce61fd2-5d318; _ga=GA1.2.622450952.1675522124; _gid=GA1.2.312500999.1675522124
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Request-Time: PT0.00015S
X-Robots-Tag: noindex,nofollow
Referrer-Policy: origin-when-cross-origin
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: master-only
Date: Sat, 04 Feb 2023 14:48:09 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 1144
no-go.kelkoogroup.net/redirect?country=no&k=612f7a9541cd6ea61eb554c0e4cff43705260665475808a76906ef58456f84b06938f53e402965cefe90bed95c85570ef9db5bbd06cdb07b8ea33e8400ee30d45e1e1a87453b4b0718164d6fb43549b4df96d4f6431915193b8cb423e9b00dc5631b0dc0a0685f1ca03c6f6698a9ef7524ad082925d29be6fd636fa324b747b57c1670bfba5f27f5b6b120e36516141721e8b95530c3160e5b0d440817ff1f1a610f5aa233240797ebe83ac7c370704e6be691f694ac25c472e59596a6544025846bf9c57a20597a73548f1843c1783693931c07181db5beb7f57358fb3f0915ffb2871dfd22be2cb0b6cadf8b3faa4bb1d1bff83b8c6a2d0943a38eed89716601f5ac15d46e3f20020717316bd017846a685e00c254088919764f92d26457aa29c3694079d352bc95604d5bf1feffaae5df7b03e11b58264605baa27261691a44a6a8eb36434aae33dead5bf9cbcc8e044c535b58dcb959992031f1d2469ad7a0f240aaa78bfc7a572a7506d50da79c0e93c1650f8a11fd63f82e26771cc263e9219b1d39a08c9b&url=https%3A%2F%2Fndt5.net%2Fc%2F%3Fsi%3D14652%26li%3D1630515%26wi%3D325766%26pid%3Dcb6d41c171e2402624ef52e92f1f8372%26dl%3Dpivot-switchblade-29-pro-xo1-blue-fulldemper%26ws%3Ddc1-kls-prod-ls-03.prod.dc1.kelkoo.net_1675522088919_740171
95.211.116.26303 See Other 0 B URL HTTP/1.1 no-go.kelkoogroup.net/redirect?country=no&k=612f7a9541cd6ea61eb554c0e4cff43705260665475808a76906ef58456f84b06938f53e402965cefe90bed95c85570ef9db5bbd06cdb07b8ea33e8400ee30d45e1e1a87453b4b0718164d6fb43549b4df96d4f6431915193b8cb423e9b00dc5631b0dc0a0685f1ca03c6f6698a9ef7524ad082925d29be6fd636fa324b747b57c1670bfba5f27f5b6b120e36516141721e8b95530c3160e5b0d440817ff1f1a610f5aa233240797ebe83ac7c370704e6be691f694ac25c472e59596a6544025846bf9c57a20597a73548f1843c1783693931c07181db5beb7f57358fb3f0915ffb2871dfd22be2cb0b6cadf8b3faa4bb1d1bff83b8c6a2d0943a38eed89716601f5ac15d46e3f20020717316bd017846a685e00c254088919764f92d26457aa29c3694079d352bc95604d5bf1feffaae5df7b03e11b58264605baa27261691a44a6a8eb36434aae33dead5bf9cbcc8e044c535b58dcb959992031f1d2469ad7a0f240aaa78bfc7a572a7506d50da79c0e93c1650f8a11fd63f82e26771cc263e9219b1d39a08c9b&url=https%3A%2F%2Fndt5.net%2Fc%2F%3Fsi%3D14652%26li%3D1630515%26wi%3D325766%26pid%3Dcb6d41c171e2402624ef52e92f1f8372%26dl%3Dpivot-switchblade-29-pro-xo1-blue-fulldemper%26ws%3Ddc1-kls-prod-ls-03.prod.dc1.kelkoo.net_1675522088919_740171
IP 95.211.116.26:0
ASN #60781 LeaseWeb Netherlands B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirect?country=no&k=612f7a9541cd6ea61eb554c0e4cff43705260665475808a76906ef58456f84b06938f53e402965cefe90bed95c85570ef9db5bbd06cdb07b8ea33e8400ee30d45e1e1a87453b4b0718164d6fb43549b4df96d4f6431915193b8cb423e9b00dc5631b0dc0a0685f1ca03c6f6698a9ef7524ad082925d29be6fd636fa324b747b57c1670bfba5f27f5b6b120e36516141721e8b95530c3160e5b0d440817ff1f1a610f5aa233240797ebe83ac7c370704e6be691f694ac25c472e59596a6544025846bf9c57a20597a73548f1843c1783693931c07181db5beb7f57358fb3f0915ffb2871dfd22be2cb0b6cadf8b3faa4bb1d1bff83b8c6a2d0943a38eed89716601f5ac15d46e3f20020717316bd017846a685e00c254088919764f92d26457aa29c3694079d352bc95604d5bf1feffaae5df7b03e11b58264605baa27261691a44a6a8eb36434aae33dead5bf9cbcc8e044c535b58dcb959992031f1d2469ad7a0f240aaa78bfc7a572a7506d50da79c0e93c1650f8a11fd63f82e26771cc263e9219b1d39a08c9b&url=https%3A%2F%2Fndt5.net%2Fc%2F%3Fsi%3D14652%26li%3D1630515%26wi%3D325766%26pid%3Dcb6d41c171e2402624ef52e92f1f8372%26dl%3Dpivot-switchblade-29-pro-xo1-blue-fulldemper%26ws%3Ddc1-kls-prod-ls-03.prod.dc1.kelkoo.net_1675522088919_740171 HTTP/1.1
Host: no-go.kelkoogroup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://no-go.kelkoogroup.net/offersearchGo?.ts=1675519080242&.sig=6lY7ZaDvy7dH8DnfMKKQgCc_mwo-&affiliationId=96965886&comId=100508712&country=no&offerId=3d3e48f4cf621de7f365d3e60db53a54&service=37&tokenId=eef84b7f-8e19-45d1-adee-7c88767dc72d&wait=true&addedParams=true&custom1=6c50830229630c236b43a65078373be6c5164c9c6e8139c57fa7c23e75c40421&custom2=SRdytlITOR16&custom3=false
Connection: keep-alive
Cookie: datadome=KHuH4gXrW7L1SWp_Cv-00F8iJowdbiPyL3KZU4kjtp1rZoZ5Sh4lTvPg4F2sKBJMq9oT-cpoYXAhFDsmlNmiIMXBE6Xs2QTdwfOwJbEwFe6gd8RwCnl6k-RF3_Duwy_; kelkooID=a4c626f-1861ce61fd2-5d318; _ga=GA1.2.622450952.1675522124; _gid=GA1.2.312500999.1675522124
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
HTTP/1.1 303 See Other
leadId: dc1-kls-prod-ls-03.prod.dc1.kelkoo.net_1675522088919_740171
clickId: 107698111_1675522088914_2908699
country: no
Location: https://ndt5.net/c/?si=14652&li=1630515&wi=325766&pid=cb6d41c171e2402624ef52e92f1f8372&dl=pivot-switchblade-29-pro-xo1-blue-fulldemper&ws=dc1-kls-prod-ls-03.prod.dc1.kelkoo.net_1675522088919_740171
Accept-CH: Sec-CH-UA,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-Device-Memory
Set-Cookie: datadome=3CH~KSEJ-elZcFW6EJq_D_pbu2IPgnMkUl1luQGGRQ-rtgeX85u6iI2ogv5BRdlPx03KxJ5bLLJUZHT2Sgm~8z4A6_9HsDR3-GngtjGKs1OUdSwtUxaIJwXpcdeKB_b_; Max-Age=31536000; Expires=Sun, 04 Feb 2024 14:48:09 GMT; SameSite=Lax; Path=/; Domain=.kelkoogroup.net; Secure
X-DataDome: protected
Request-Time: PT0.013593S
X-Robots-Tag: noindex,nofollow
Referrer-Policy: origin-when-cross-origin
X-Frame-Options: ALLOWALL
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: master-only
Date: Sat, 04 Feb 2023 14:48:09 GMT
Content-Length: 0
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash aeb770db4847cd98d1433c853e7d78c6
b630f04ebc30caf58598eb7b12198aa042756529
50f6238d27339ee653850bd5271ba37dfbfa58a6d89a3732f1639cf39d1872b7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1763
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 14:48:09 GMT
Last-Modified: Sat, 04 Feb 2023 14:18:46 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 280
ocsp.usertrust.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash ba564ccd2c703ef45d15a370c07263c4
34e4d9dda97d696ab37bb66210fcc99a5c64b2d6
28196309aded67965a14f3616ea4c1e7bf82443e5d8c3ba5d8a9dc57099c8b49
POST / HTTP/1.1
Host: ocsp.usertrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 14:48:09 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 04 Feb 2023 01:51:19 GMT
Expires: Sat, 11 Feb 2023 01:51:18 GMT
Etag: "34e4d9dda97d696ab37bb66210fcc99a5c64b2d6"
Cache-Control: max-age=603242,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: HIT
Age: 1247
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 794434a24c320b55-OSL
api-js.datadome.co/js/
13.51.192.216200 OK 236 B IP 13.51.192.216:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 7046acb6bf97253d50c9a3724fae284c
5167b6623d1dbc652728ab142286b458b13cdfc7
372c48e4f8926e7937200af1367beb7cfa451457e645ecc3925fb2d500f9914a
POST /js/ HTTP/1.1
Host: api-js.datadome.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 4490
Origin: https://no-go.kelkoogroup.net
Connection: keep-alive
Referer: https://no-go.kelkoogroup.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 04 Feb 2023 14:48:09 GMT
content-type: application/json;charset=utf-8
content-length: 236
server: DataDome
access-control-allow-origin: *
pragma: no-cache
cache-control: no-cache, no-store, must-revalidate
expires: 0
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 7d482750bf7fdfcaa38c0efd583ef4dc
a4f68a124e4be130bc838e70f23fd4c6d2f4ef2d
5e6f1cadf4bc425664bb26fa2b384cf13900461b689c77d0916b1d2edd41337c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 14:48:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google-analytics.com/collect?v=1&_v=j96&t=pageview&_s=1&dl=https%3A%2F%2Fno-go.kelkoogroup.net%2FoffersearchGo%3F.ts%3D1675519080242%26.sig%3D6lY7ZaDvy7dH8DnfMKKQgCc_mwo-%26affiliationId%3D96965886%26comId%3D100508712%26country%3Dno%26offerId%3D3d3e48f4cf621de7f365d3e60db53a54%26service%3D37%26tokenId%3Deef84b7f-8e19-45d1-adee-7c88767dc72d%26wait%3Dtrue%26addedParams%3Dtrue%26custom1%3D6c50830229630c236b43a65078373be6c5164c9c6e8139c57fa7c23e75c40421%26custom2%3DSRdytlITOR16%26custom3%3Dfalse&dr=https%3A%2F%2Flookandfind.me%2F&dp=%2F96965886%7C100508712%7C&ul=en-us&de=UTF-8&dt=Du%20sendes%20videre%20til%20Birk%20sport&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=QACAAAABAAAAAC~&cid=622450952.1675522124&tid=UA-168544891-6&_gid=312500999.1675522124&_r=1&cd1=96965886&cd2=dc1-kls-prod-ls-03.prod.dc1.kelkoo.net_1675522088919_740171&cd3=100508712&cd4=a4c626f-1861ce61fd2-5d318&cd5=&cd6=96965886%7C100508712%7C&z=1924475974
142.250.74.110200 OK 35 B URL HTTP/2 www.google-analytics.com/collect?v=1&_v=j96&t=pageview&_s=1&dl=https%3A%2F%2Fno-go.kelkoogroup.net%2FoffersearchGo%3F.ts%3D1675519080242%26.sig%3D6lY7ZaDvy7dH8DnfMKKQgCc_mwo-%26affiliationId%3D96965886%26comId%3D100508712%26country%3Dno%26offerId%3D3d3e48f4cf621de7f365d3e60db53a54%26service%3D37%26tokenId%3Deef84b7f-8e19-45d1-adee-7c88767dc72d%26wait%3Dtrue%26addedParams%3Dtrue%26custom1%3D6c50830229630c236b43a65078373be6c5164c9c6e8139c57fa7c23e75c40421%26custom2%3DSRdytlITOR16%26custom3%3Dfalse&dr=https%3A%2F%2Flookandfind.me%2F&dp=%2F96965886%7C100508712%7C&ul=en-us&de=UTF-8&dt=Du%20sendes%20videre%20til%20Birk%20sport&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=QACAAAABAAAAAC~&cid=622450952.1675522124&tid=UA-168544891-6&_gid=312500999.1675522124&_r=1&cd1=96965886&cd2=dc1-kls-prod-ls-03.prod.dc1.kelkoo.net_1675522088919_740171&cd3=100508712&cd4=a4c626f-1861ce61fd2-5d318&cd5=&cd6=96965886%7C100508712%7C&z=1924475974
IP 142.250.74.110:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
POST /collect?v=1&_v=j96&t=pageview&_s=1&dl=https%3A%2F%2Fno-go.kelkoogroup.net%2FoffersearchGo%3F.ts%3D1675519080242%26.sig%3D6lY7ZaDvy7dH8DnfMKKQgCc_mwo-%26affiliationId%3D96965886%26comId%3D100508712%26country%3Dno%26offerId%3D3d3e48f4cf621de7f365d3e60db53a54%26service%3D37%26tokenId%3Deef84b7f-8e19-45d1-adee-7c88767dc72d%26wait%3Dtrue%26addedParams%3Dtrue%26custom1%3D6c50830229630c236b43a65078373be6c5164c9c6e8139c57fa7c23e75c40421%26custom2%3DSRdytlITOR16%26custom3%3Dfalse&dr=https%3A%2F%2Flookandfind.me%2F&dp=%2F96965886%7C100508712%7C&ul=en-us&de=UTF-8&dt=Du%20sendes%20videre%20til%20Birk%20sport&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=QACAAAABAAAAAC~&cid=622450952.1675522124&tid=UA-168544891-6&_gid=312500999.1675522124&_r=1&cd1=96965886&cd2=dc1-kls-prod-ls-03.prod.dc1.kelkoo.net_1675522088919_740171&cd3=100508712&cd4=a4c626f-1861ce61fd2-5d318&cd5=&cd6=96965886%7C100508712%7C&z=1924475974 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://no-go.kelkoogroup.net
Connection: keep-alive
Referer: https://no-go.kelkoogroup.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 200 OK
access-control-allow-origin: https://no-go.kelkoogroup.net
date: Sat, 04 Feb 2023 14:48:09 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
x-content-type-options: nosniff
access-control-allow-credentials: true
content-type: image/gif
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 35
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.birk.no/pivot-switchblade-29-pro-xo1-blue-fulldemper?utm_source=daisycon&utm_medium=affiliate&utm_campaign=daisycon_325766
172.67.69.63301 Moved Permanently 472 B URL HTTP/2 www.birk.no/pivot-switchblade-29-pro-xo1-blue-fulldemper?utm_source=daisycon&utm_medium=affiliate&utm_campaign=daisycon_325766
IP 172.67.69.63:0
Hash 7d482750bf7fdfcaa38c0efd583ef4dc
a4f68a124e4be130bc838e70f23fd4c6d2f4ef2d
5e6f1cadf4bc425664bb26fa2b384cf13900461b689c77d0916b1d2edd41337c
GET /pivot-switchblade-29-pro-xo1-blue-fulldemper?utm_source=daisycon&utm_medium=affiliate&utm_campaign=daisycon_325766 HTTP/1.1
Host: www.birk.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://no-go.kelkoogroup.net/
Connection: keep-alive
Cookie: smvr=eyJ2aXNpdHMiOjQsInZpZXdzIjo0LCJ0cyI6MTY1NDUwNzg2MzgzOCwibnVtYmVyT2ZSZWplY3Rpb25CdXR0b25DbGljayI6MCwiaXNOZXdTZXNzaW9uIjpmYWxzZX0=; smuuid=1812d7442d8-b755d9cbef30-4893b9fa-39a3da50-c94a3863-fdaded94a632; _hjSessionUser_775571=eyJpZCI6IjJmYWRiM2Y5LTBkZTktNTk5My05ZWJjLTU1NmIwOGRmODNlYyIsImNyZWF0ZWQiOjE2NTQzMjUwMDMwMDUsImV4aXN0aW5nIjp0cnVlfQ==; __zlcmid=1AJkyWyKYyIGhTl
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
date: Sat, 04 Feb 2023 14:48:09 GMT
content-type: text/html; charset=UTF-8
location: https://birk.no/pivot-switchblade-29-pro-xo1-blue-fulldemper
set-cookie: PHPSESSID=h4vcv67iqhkchpr7s8e5jkbtli; expires=Sat, 04-Feb-2023 15:48:09 GMT; Max-Age=3600; path=/; domain=birk.no; secure
strict-transport-security: max-age=31536000
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
x-cache: MISS
x-cache-hits: 0
x-cache-ttl: -0.000
pragma: no-cache
expires: -1
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X4cCUKpJ2uYUAC1nL2mabTk9kOmFaj%2FVrwBY9nxBsNpp0SPGNad4jb46pvhAeCOXIem%2FGRl7autNjcjSIf4XqVmnt24XnPWKuhyVYKLcRdLMWPf1SZrQFcPccJP4"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 794434a3ca700b39-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 149a2367312653ee73b6581578a2f84d
3c98fcaa27940cfcfb9a8c27bc3ec80476898bbc
007b5bc87b6006e78e97ea446e1979574d5c17782be5e901706a0881e62d05a4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2914
Cache-Control: max-age=132568
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 14:48:10 GMT
Etag: "63ddc7a0-116"
Expires: Mon, 06 Feb 2023 03:37:38 GMT
Last-Modified: Sat, 04 Feb 2023 02:49:04 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 278
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 152 kB IP 216.58.211.3:0
Size 152 kB (152082 bytes)
Hash 427926dbf2eb10100d9d3708c14c72fd
87a7b07e36ff70aa8387c92f7b595e67a576148c
74a13bd09d635414e2c3e63e9541880e48690d17b9ebad73de55865b3c081a92
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 14:48:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 149a2367312653ee73b6581578a2f84d
3c98fcaa27940cfcfb9a8c27bc3ec80476898bbc
007b5bc87b6006e78e97ea446e1979574d5c17782be5e901706a0881e62d05a4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2914
Cache-Control: max-age=132568
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 14:48:10 GMT
Etag: "63ddc7a0-116"
Expires: Mon, 06 Feb 2023 03:37:38 GMT
Last-Modified: Sat, 04 Feb 2023 02:49:04 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 278
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash c181c51a9326d56e60915a792c306c2c
de1cc0ce1384905e65a9fa9575743091d785e528
b74bc74e2920124b3288a980f9a7b59e3450ba63f2333027440cd6ebbdfdbf8d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 14:48:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ndt5.net/redirect/global.php?dai_url_domain=www.birk.no&dai_url_add=utm_source%3Ddaisycon%26utm_medium%3Daffiliate%26utm_campaign%3Ddaisycon_325766&dai_url=pivot-switchblade-29-pro-xo1-blue-fulldemper
104.25.147.85301 Moved Permanently 80 kB URL HTTP/2 ndt5.net/redirect/global.php?dai_url_domain=www.birk.no&dai_url_add=utm_source%3Ddaisycon%26utm_medium%3Daffiliate%26utm_campaign%3Ddaisycon_325766&dai_url=pivot-switchblade-29-pro-xo1-blue-fulldemper
IP 104.25.147.85:0
File type gzip compressed data, last modified: Fri Jan 27 10:02:18 2023, max compression, from Unix\012- data
Hash ec6cbc4c1157b89a113ee382e870e6d7
09880ecee741b1bb62efbe5e21072148e4b5aadf
7a9f8520bf7e180bfbc3f7cada6cab2801393fabec495aae02b98d70844962f8
GET /redirect/global.php?dai_url_domain=www.birk.no&dai_url_add=utm_source%3Ddaisycon%26utm_medium%3Daffiliate%26utm_campaign%3Ddaisycon_325766&dai_url=pivot-switchblade-29-pro-xo1-blue-fulldemper HTTP/1.1
Host: ndt5.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://no-go.kelkoogroup.net/
Connection: keep-alive
Cookie: dci=QhkL05XEXyVmUdc; pdc=QhkL05XEXyVmUdc; ci_14652=ZF4xNjc1NTIyMDg5LGRjaV5RaGtMMDVYRVh5Vm1VZGM%3D
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
date: Sat, 04 Feb 2023 14:48:09 GMT
content-type: text/html; charset=UTF-8
location: https://www.birk.no/pivot-switchblade-29-pro-xo1-blue-fulldemper?utm_source=daisycon&utm_medium=affiliate&utm_campaign=daisycon_325766
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-expose-headers: P3p, Cache-Control, Expires, Content-Length, Content-Type
cache-control: no-store, no-cache, must-revalidate, max-age=14400
x-xss-protection: 0
expires: Sat, 04 Feb 2023 18:48:09 GMT
x-daisycon-cluster: ApacheContainer-ed25e727ac84-tracking.daisycon.com
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hABbYK63n81WRMh5xRhqaz9ZoGxMYP2c%2Bnv5q5thMbKTlpHlRQKCmjJGnINEbtPIU9mSrHAkSDOsU8rEg5xrgICEBAem2HQoYCg3x48z0KLm7YFL%2FXNQpqBj"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 794434a34b53b527-OSL
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 4.4 kB IP 216.58.211.3:0
File type gzip compressed data, from Unix\012- data
Hash 802ef3d931d1e8cbcfebdb3e766e23bf
1f970dda781fe277398f40fa83d78d5cc19e3de8
694ed76687fa10e377d9196de664ab519699b4e1efcda7740e9f4e2272a96bd7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 14:48:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/titilliumweb/v15/NaPDcZTIAOhVxoMyOr9n_E7ffHjDGItzYw.woff2
142.250.74.35200 OK 12 kB URL HTTP/2 fonts.gstatic.com/s/titilliumweb/v15/NaPDcZTIAOhVxoMyOr9n_E7ffHjDGItzYw.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 11796, version 1.0\012- data
Hash 8d4079c3aa4f01e6d9bbd4f1bbcdf114
52ab47c062d0bfdbd34dbd31784008bd0e4c4227
d5c1172f24f4f49f780c65cf5be897527fd08f3662a2ba8db0cfe0057d92e367
GET /s/titilliumweb/v15/NaPDcZTIAOhVxoMyOr9n_E7ffHjDGItzYw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://birk.no
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 11796
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 30 Jan 2023 00:22:27 GMT
expires: Tue, 30 Jan 2024 00:22:27 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 27 Apr 2022 15:47:01 GMT
content-type: font/woff2
age: 483943
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 4b425e9b9824dbfa056e0dc9ad0f2de3
31b77897825b5044af1e36ad4c75d273a1536564
cde86f9caf26a5e99e2119afbe3037508bfe69be2754d10f8dfb4d94aef731e8
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5278
Cache-Control: max-age=128471
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 14:48:10 GMT
Etag: "63ddae63-117"
Expires: Mon, 06 Feb 2023 02:29:21 GMT
Last-Modified: Sat, 04 Feb 2023 01:01:23 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 32f7db4821df97a238470533a8ba2827
f724c96750d551fd1ac89738dd5664e2740ddbec
6006fa28874765c922052009b00490d6b5a451f60d4406bbcf64f9d384293d6f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4984
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 14:48:10 GMT
Last-Modified: Sat, 04 Feb 2023 13:25:06 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 279
polyfill.io/v3/polyfill.min.js?features=default%2CArray.prototype.includes%2CPromise
151.101.129.26200 OK 94 B URL HTTP/2 polyfill.io/v3/polyfill.min.js?features=default%2CArray.prototype.includes%2CPromise
IP 151.101.129.26:0
Hash eb8b0ba88b3acfb11ea81d5c02be9108
4b7f14cc2db25abdbe25472934b7469b2488f9d4
7237f15a97fe102c6ed13eadc0f7980da03cd06a20dfb7c7b8050e60dada617d
GET /v3/polyfill.min.js?features=default%2CArray.prototype.includes%2CPromise HTTP/1.1
Host: polyfill.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://birk.no
Connection: keep-alive
Referer: https://birk.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
content-type: text/javascript; charset=UTF-8
last-modified: Thu, 02 Feb 2023 05:02:18 GMT
content-encoding: br
age: 0
accept-ranges: bytes
useragent_normaliser: firefox/105.0.0
date: Sat, 04 Feb 2023 14:48:10 GMT
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,OPTIONS
vary: User-Agent, Accept-Encoding
server-timing: PASS, fastly;desc="Edge time";dur=21
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 94
X-Firefox-Spdy: h2
static.lipscore.com/assets/lipscore-v1.css
54.230.111.88200 OK 76 kB URL HTTP/1.1 static.lipscore.com/assets/lipscore-v1.css
IP 54.230.111.88:0
Hash 2aa08eeab689441a095ad24f4a4755d5
7c765a2bb76681160225c335631ea5ce531f2a04
3b74cf2cd440556cbd0718dfd02cb2904701b4cbfce8146ca354409f88b756ea
GET /assets/lipscore-v1.css HTTP/1.1
Host: static.lipscore.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://birk.no/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/css
Content-Length: 11839
Connection: keep-alive
Last-Modified: Fri, 03 Feb 2023 09:17:17 GMT
Content-Encoding: gzip
Accept-Ranges: bytes
Server: AmazonS3
Date: Sat, 04 Feb 2023 09:21:43 GMT
ETag: "bca558ebb20f7386e0502f2310839c00"
X-Cache: Hit from cloudfront
Via: 1.1 09ae414c9d6c5323d5147457ada70ec6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: pLL8zxQpUqpUgbphPWhuS0T2deihUVOtO51eXmz1aGx2zBr7T5NSwA==
Age: 19588
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 23287a0337047631e479bb3cbe8b0fcd
15ec24f5ee1990ee456a6fd3bbcbdbe27bf62c99
da05b381eec3589d2689bc5fab2b89eb5d65f9a5652f9254f3353e30a4540034
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 14:48:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
zendesk-handover.kindly.ai/app.js
199.36.158.100200 OK 1.9 kB URL HTTP/2 zendesk-handover.kindly.ai/app.js
IP 199.36.158.100:0
Hash 59a8c4d1543a13adaa66fa9522006cee
db4a0c5517de5d64bd5197fa582faf91e8122c8a
82bcaffc076c50c482ea3bdbebdcabdb95d5d19c3962fdf250c8f5276a938337
GET /app.js HTTP/1.1
Host: zendesk-handover.kindly.ai
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://birk.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: max-age=3600
content-encoding: br
content-type: text/javascript; charset=utf-8
etag: "8c22ab326a55131c858c95d0ba6020957a538222071efbbfd0c2fb7bf154eece-br"
last-modified: Mon, 21 Feb 2022 13:55:55 GMT
strict-transport-security: max-age=31556926
accept-ranges: bytes
date: Sat, 04 Feb 2023 14:48:10 GMT
x-served-by: cache-bma1648-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1675522091.661034,VS0,VE1
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1906
X-Firefox-Spdy: h2
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q4
104.18.21.226200 OK 263 kB URL HTTP/1.1 ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q4
IP 104.18.21.226:0
Size 263 kB (263351 bytes)
Hash 7c357d295c15421ddf3f0aa9bff86dcb
66d95e718441857da28a1b90f7dbcf912f429cf7
69e610503832580770bf87ede7fcdc3dc063f67808062f7eab96b730ae49ee90
POST /ca/gsatlasr3dvtlsca2022q4 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 14:48:10 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "723F60F002912AD339DA8A54C9D32DA77C542B3E"
Expires: Sun, 05 Feb 2023 01:00:00 GMT
Last-Modified: Sat, 04 Feb 2023 13:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 1397
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 794434aadbb6b500-OSL
ocsp.pki.goog/s/gts1d4/V7yddkyB76I
216.58.211.3200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/V7yddkyB76I
IP 216.58.211.3:0
Hash 62f34cf48d43588e1302f2a4aaf3a45d
f24c6d1f4a79059397e9f4dd1d66cd52017549d6
fe7797d4457379e07fb855ce7f1582111b2f0774c84185a7792881c236da790d
POST /s/gts1d4/V7yddkyB76I HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 14:48:10 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.spinnaker-js.com/rc/36660/scripts/s.js
54.230.111.49200 OK 17 B URL HTTP/2 cdn.spinnaker-js.com/rc/36660/scripts/s.js
IP 54.230.111.49:0
File type ASCII text, with no line terminators
Hash a33a21825ee0bbfbd37c7f17465ee58b
0a1cea8a83e1df552650c210cc03ec629839dc1a
0df9a681956d3517ba546fb467fb16450db50fbe22a87f318e12789161f3b78f
GET /rc/36660/scripts/s.js HTTP/1.1
Host: cdn.spinnaker-js.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://birk.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 17
last-modified: Thu, 01 Dec 2022 11:01:28 GMT
x-amz-meta-version: -1
x-amz-meta-previous: rc/36660/scripts/s-1669892466.js
x-amz-meta-blankedout: true
x-amz-meta-deployeddate: 2022-12-01 11:01:06
x-amz-meta-invalidationid: I5YG4DHW0GELS
accept-ranges: bytes
server: AmazonS3
date: Sat, 04 Feb 2023 14:48:11 GMT
etag: "a33a21825ee0bbfbd37c7f17465ee58b"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: v7uu_WL3mwvk652QIOkBiSv7W9Trs05HC72GL5pugiFDB31Vg95HKg==
X-Firefox-Spdy: h2
secure.adnxs.com/seg?add=4918517&t=2
185.89.210.90307 Redirection 0 B URL HTTP/1.1 secure.adnxs.com/seg?add=4918517&t=2
IP 185.89.210.90:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /seg?add=4918517&t=2 HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://birk.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Sat, 04 Feb 2023 14:48:10 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Location: https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D4918517%26t%3D2
AN-X-Request-Uuid: faaf31bd-c404-4d68-8db8-c226c31392ab
Set-Cookie: uuid2=5504966635599547655; SameSite=None; Path=/; Max-Age=7776000; Expires=Fri, 05-May-2023 14:48:10 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
secure.adnxs.com/bounce?%2Fseg%3Fadd%3D4918517%26t%3D2
185.89.210.90200 OK 43 B URL HTTP/1.1 secure.adnxs.com/bounce?%2Fseg%3Fadd%3D4918517%26t%3D2
IP 185.89.210.90:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 592ebefc7104d681d57852665e9ad514
15cdf8df32aa251dd6dd590a60bf9cf74474e7c5
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
GET /bounce?%2Fseg%3Fadd%3D4918517%26t%3D2 HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://birk.no/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Sat, 04 Feb 2023 14:48:10 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
AN-X-Request-Uuid: dbd87041-4853-44e9-bc8d-22b0dd15d86e
Set-Cookie: anj=dTM7k!M4/8CxrEQF']wIg2E?bczwFs!]tbP6j2F-XstGt!@Dy[$zGY'; SameSite=None; Path=/; Max-Age=7776000; Expires=Fri, 05-May-2023 14:48:10 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
sleeknotecustomerscripts.sleeknote.com/5763.js
143.204.55.73200 OK 21 B URL HTTP/2 sleeknotecustomerscripts.sleeknote.com/5763.js
IP 143.204.55.73:0
File type very short file (no magic)
Hash ac9f02b3a33550e7d565636540428067
c9a4b0d05aa8e08bfde8eed97fa290f01338657e
c3368f96d6f6fef22ccc1ea7c68ccaec8b21deeb9462441eeeabba685796e497
GET /5763.js HTTP/1.1
Host: sleeknotecustomerscripts.sleeknote.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://birk.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
content-length: 21
last-modified: Fri, 04 Nov 2022 08:28:20 GMT
content-encoding: gzip
x-amz-version-id: M_bWP5ENLsEHH4cLlhwXeOXCIzHCCp8m
accept-ranges: bytes
server: AmazonS3
date: Sat, 04 Feb 2023 14:47:34 GMT
cache-control: max-age=60
etag: "ac9f02b3a33550e7d565636540428067"
x-cache: Hit from cloudfront
via: 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: LNs0guscSqkcllMpBmy_X7HW500j04fda9CdELP1GoxGzt7reYm1Sw==
age: 38
X-Firefox-Spdy: h2
wapi.lipscore.com/hit?api_key=d3bc67aacad7d0f7acb67175
199.232.194.217200 OK 0 B URL HTTP/2 wapi.lipscore.com/hit?api_key=d3bc67aacad7d0f7acb67175
IP 199.232.194.217:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /hit?api_key=d3bc67aacad7d0f7acb67175 HTTP/1.1
Host: wapi.lipscore.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://birk.no
Connection: keep-alive
Referer: https://birk.no/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Varnish
retry-after: 0
access-control-allow-credentials: true
accept-ranges: bytes
date: Sat, 04 Feb 2023 14:48:11 GMT
via: 1.1 varnish
x-served-by: cache-bma1663-BMA
x-cache: HIT
x-cache-hits: 0
x-timer: S1675522091.334621,VS0,VE0
access-control-allow-origin: https://birk.no
content-length: 0
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.118200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.118:0
Hash eaec045b3ddd52c5faf9bd5cb60819c0
edc1dc72c1770338b81963b75f21b74322332bd9
e0971a503940aefdfd724ab01c9c01cc1697f8d4ca87e4b5c4eda9ab5a7fb53b
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sat, 04 Feb 2023 14:48:11 GMT
Last-Modified: Sat, 04 Feb 2023 14:10:25 GMT
Server: ECS (nyb/1D25)
X-Cache: Miss from cloudfront
Via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: m7bmz-tqeBUP5l0bBQ3CqKNPQZ5PCB-faAeCiXBsDCW8pUPtOLolww==
Age: 2266
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 7c71e3bc4c32a00a112ea3dc97c3d567
6a86a66f5671a3468b6f2b1d490e872afdeaedbd
f98e237943f166f2b34eed36b07c11abed313f14442d3cad4b27ae31cecbcbd2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4550
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 14:48:11 GMT
Last-Modified: Sat, 04 Feb 2023 13:32:21 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 471
www.salesmanago.pl/static/sm.js
91.227.202.201200 OK 32 kB URL HTTP/2 www.salesmanago.pl/static/sm.js
IP 91.227.202.201:0
File type Unicode text, UTF-8 text, with very long lines (65508), with no line terminators
Hash c41ee2d2c6cf83e88680291ff1888d50
e5f839869d3f83f0d83bd256aa0e9544e2af654c
5246a65d11f9e0e41b6ebc859ea1cb5e85183cfb4bb31e9526c6461b9f6d18db
GET /static/sm.js HTTP/1.1
Host: www.salesmanago.pl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://birk.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 04 Feb 2023 14:48:11 GMT
server: Apache
last-modified: Fri, 27 Jan 2023 05:10:20 GMT
etag: "14769-5f337e1c8a51e-gzip"
accept-ranges: bytes
cache-control: max-age=3600, public
expires: Sat, 04 Feb 2023 15:48:11 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 32148
content-type: application/javascript
strict-transport-security: max-age=31540000
set-cookie: SERVERID=A; path=/
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.118200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.118:0
Hash 92f88de6cffbdd3012e971a28643acb1
4a8b8da38bbc5f48437ac597a362141cd7bba59c
0073e015e7bd8c22df100d8fe0a94c88d1862635fe68346cd92b86d454aea6fa
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=144019
Date: Sat, 04 Feb 2023 14:48:11 GMT
Etag: "63dde674-1d7"
Expires: Mon, 06 Feb 2023 06:48:30 GMT
Last-Modified: Sat, 04 Feb 2023 05:00:36 GMT
Server: ECS (bsa/EB1B)
X-Cache: Miss from cloudfront
Via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: heAu-hDuhFdWKKZW8bz0JLg0j2MrzYQLr5CDFvPGQk9I4v2NPfe2Aw==
Age: 6474
www.salesmanago.pl/static/chunk/sm_war.d6799d791623a371f9fe.js
91.227.202.201200 OK 5.7 kB URL HTTP/2 www.salesmanago.pl/static/chunk/sm_war.d6799d791623a371f9fe.js
IP 91.227.202.201:0
Hash 8b36ee1c84ecf61872bdba3ec3623f6f
a5054b22d082902c19dd547cbea5c04c0d17de32
03af375c6648e87f6bc9591cadf3eee79d0606c230159c7cb34e03c009d48925
GET /static/chunk/sm_war.d6799d791623a371f9fe.js HTTP/1.1
Host: www.salesmanago.pl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://birk.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 04 Feb 2023 14:48:11 GMT
server: Apache
last-modified: Fri, 27 Jan 2023 05:23:17 GMT
etag: "14b5-5f3381013bb40-gzip"
accept-ranges: bytes
cache-control: max-age=3600, public
expires: Sat, 04 Feb 2023 15:48:11 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 2069
content-type: application/javascript
strict-transport-security: max-age=31540000
set-cookie: SERVERID=C; path=/
X-Firefox-Spdy: h2
rum-collector-2.pingdom.net/img/beacon.gif?id=5c6aba1d1872b50016000649&sAW=1280&sAH=1002&bIW=1280&bIH=939&pD=24&dPR=1&or=landscape-primary&nT=255&rC=0&nS=0&cS=508&cE=508&dLE=508&dLS=508&fS=508&hS=508&rE=-1&rS=-1&reS=517&resS=981&resE=984&uEE=-1&uES=-1&dL=987&dI=1235&dCLES=1337&dCLEE=1338&dC=1796&lES=1796&lEE=1799&s=nt&title=404%20Not%20Found&path=https%3A%2F%2Fbirk.no%2Fpivot-switchblade-29-pro-xo1-blue-fulldemper&ref=https%3A%2F%2Fno-go.kelkoogroup.net%2F&sId=rd102crb&sST=1675522127&sIS=1&rV=0&v=1.4.1
52.208.206.201200 OK 0 B URL HTTP/1.1 rum-collector-2.pingdom.net/img/beacon.gif?id=5c6aba1d1872b50016000649&sAW=1280&sAH=1002&bIW=1280&bIH=939&pD=24&dPR=1&or=landscape-primary&nT=255&rC=0&nS=0&cS=508&cE=508&dLE=508&dLS=508&fS=508&hS=508&rE=-1&rS=-1&reS=517&resS=981&resE=984&uEE=-1&uES=-1&dL=987&dI=1235&dCLES=1337&dCLEE=1338&dC=1796&lES=1796&lEE=1799&s=nt&title=404%20Not%20Found&path=https%3A%2F%2Fbirk.no%2Fpivot-switchblade-29-pro-xo1-blue-fulldemper&ref=https%3A%2F%2Fno-go.kelkoogroup.net%2F&sId=rd102crb&sST=1675522127&sIS=1&rV=0&v=1.4.1
IP 52.208.206.201:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /img/beacon.gif?id=5c6aba1d1872b50016000649&sAW=1280&sAH=1002&bIW=1280&bIH=939&pD=24&dPR=1&or=landscape-primary&nT=255&rC=0&nS=0&cS=508&cE=508&dLE=508&dLS=508&fS=508&hS=508&rE=-1&rS=-1&reS=517&resS=981&resE=984&uEE=-1&uES=-1&dL=987&dI=1235&dCLES=1337&dCLEE=1338&dC=1796&lES=1796&lEE=1799&s=nt&title=404%20Not%20Found&path=https%3A%2F%2Fbirk.no%2Fpivot-switchblade-29-pro-xo1-blue-fulldemper&ref=https%3A%2F%2Fno-go.kelkoogroup.net%2F&sId=rd102crb&sST=1675522127&sIS=1&rV=0&v=1.4.1 HTTP/1.1
Host: rum-collector-2.pingdom.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://birk.no
Connection: keep-alive
Referer: https://birk.no/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Date: Sat, 04 Feb 2023 14:48:11 GMT
Expires: 0
Pragma: no-cache
Content-Length: 0
Connection: keep-alive
www.salesmanago.pl/static/chunk/notification-center.853d413c776c271f7305.js
91.227.202.201200 OK 1.8 kB URL HTTP/2 www.salesmanago.pl/static/chunk/notification-center.853d413c776c271f7305.js
IP 91.227.202.201:0
File type ASCII text, with very long lines (4960), with no line terminators
Hash f5185db3ab028e0f302a43f4b32ec06a
5de2e6a4d3dec11f14bdd1553c9812afd34e5eae
4c59a741886f49bb7dcadf2d7da4d088525539c4a7360603d682094f1da5d428
GET /static/chunk/notification-center.853d413c776c271f7305.js HTTP/1.1
Host: www.salesmanago.pl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://birk.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 04 Feb 2023 14:48:11 GMT
server: Apache
last-modified: Fri, 27 Jan 2023 05:10:47 GMT
etag: "1360-5f337e366e7d1-gzip"
accept-ranges: bytes
cache-control: max-age=3600, public
expires: Sat, 04 Feb 2023 15:48:11 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 1846
content-type: application/javascript
strict-transport-security: max-age=31540000
set-cookie: SERVERID=B; path=/
X-Firefox-Spdy: h2
www.salesmanago.pl/static/chunk/notification-center-like-button.a61f0f73832565a8d47f.js
91.227.202.201200 OK 801 B URL HTTP/2 www.salesmanago.pl/static/chunk/notification-center-like-button.a61f0f73832565a8d47f.js
IP 91.227.202.201:0
File type ASCII text, with very long lines (1715), with no line terminators
Hash 4754508eb9ab9d12e9bbc2785b392d8e
6193ec0c625188d12d287aee599f63bff7d84bc5
c675e6e5e17c9489eafafc2c5e054e4aca1be7204a8b7f39829ba5e806275642
GET /static/chunk/notification-center-like-button.a61f0f73832565a8d47f.js HTTP/1.1
Host: www.salesmanago.pl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://birk.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 04 Feb 2023 14:48:11 GMT
server: Apache
last-modified: Fri, 27 Jan 2023 05:23:17 GMT
etag: "6b3-5f3381013bb40-gzip"
accept-ranges: bytes
cache-control: max-age=3600, public
expires: Sat, 04 Feb 2023 15:48:11 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 801
content-type: application/javascript
strict-transport-security: max-age=31540000
set-cookie: SERVERID=C; path=/
X-Firefox-Spdy: h2
www.salesmanago.pl/static/chunk/social-proof.23ac1759643b9bce4f2e.js
91.227.202.201200 OK 4.5 kB URL HTTP/2 www.salesmanago.pl/static/chunk/social-proof.23ac1759643b9bce4f2e.js
IP 91.227.202.201:0
File type ASCII text, with very long lines (14278), with no line terminators
Hash b501656396de6afe2d10296a41c449dd
433f77c87d4ffcf0353a3f3a0bb9b1389a152b14
5f77c348c2864615e7d0d247f99406b3f9dce2511a7e7ddace98b41741d4e31c
GET /static/chunk/social-proof.23ac1759643b9bce4f2e.js HTTP/1.1
Host: www.salesmanago.pl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://birk.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 04 Feb 2023 14:48:11 GMT
server: Apache
last-modified: Fri, 27 Jan 2023 05:10:47 GMT
etag: "37c6-5f337e366ebb9-gzip"
accept-ranges: bytes
cache-control: max-age=3600, public
expires: Sat, 04 Feb 2023 15:48:11 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 4472
content-type: application/javascript
strict-transport-security: max-age=31540000
set-cookie: SERVERID=B; path=/
X-Firefox-Spdy: h2
www.salesmanago.pl/static/chunk/web-push.58ed78c2a55d5845c3ab.js
91.227.202.201200 OK 5.6 kB URL HTTP/2 www.salesmanago.pl/static/chunk/web-push.58ed78c2a55d5845c3ab.js
IP 91.227.202.201:0
File type ASCII text, with very long lines (14705), with no line terminators
Hash 259b45470df09d233afa0a830813bf10
3074e35b00c109b8e1a26e193aaac8c89ecda7ee
56c0c291426bf11058e068fecee2145ff23e2c83ca925fa52f51729d63b836df
GET /static/chunk/web-push.58ed78c2a55d5845c3ab.js HTTP/1.1
Host: www.salesmanago.pl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://birk.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 04 Feb 2023 14:48:11 GMT
server: Apache
last-modified: Fri, 27 Jan 2023 05:10:20 GMT
etag: "3971-5f337e1c8c075-gzip"
accept-ranges: bytes
cache-control: max-age=3600, public
expires: Sat, 04 Feb 2023 15:48:11 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 5601
content-type: application/javascript
strict-transport-security: max-age=31540000
set-cookie: SERVERID=A; path=/
X-Firefox-Spdy: h2
js-agent.newrelic.com/859.95d4308d-1222.js
151.101.194.137200 OK 3.0 kB URL HTTP/2 js-agent.newrelic.com/859.95d4308d-1222.js
IP 151.101.194.137:0
File type ASCII text, with very long lines (6657), with no line terminators
Hash 364ac85aef21ab784eeec8f55116dff7
82089547d57defc88e114832b7eb9919a8876e31
255295be519de9a2d1040b1c547c25756b63310e2d7234bcf252ed41d5278c0b
GET /859.95d4308d-1222.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://birk.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: PAOkWJ6WiOdnSUVZHZQv79Edy7uPwU81uM9fUJQx6T8UpQupKV3O9whnAR+3HGoYTBPmehtRe7k=
x-amz-request-id: WFN4FJZ1XN6DZ8EG
last-modified: Wed, 18 Jan 2023 20:22:30 GMT
etag: "b087387593417c0b63259918da3584e3"
x-amz-version-id: GtNmis6Y3zB4SbtciuRtabFzp3T7wBIy
content-type: application/javascript
server: AmazonS3
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Sat, 04 Feb 2023 14:48:11 GMT
via: 1.1 varnish
x-served-by: cache-bma1627-BMA
x-cache: HIT
x-cache-hits: 275
x-timer: S1675522092.943399,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 2975
X-Firefox-Spdy: h2
js-agent.newrelic.com/569.95d4308d-1222.js
151.101.194.137200 OK 3.2 kB URL HTTP/2 js-agent.newrelic.com/569.95d4308d-1222.js
IP 151.101.194.137:0
File type ASCII text, with very long lines (7513), with no line terminators
Hash 8d0953404ce6fdf0926ef6bf37d7e041
8cec9d9883f8b7720721bb33bffb4afe45193b1d
83966eef1899edd421692b78cda8df58dfb9b0b2b27a7485183c5b4cb44a336d
GET /569.95d4308d-1222.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://birk.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: v+E2uK5EOShfz1aeDzYcwNWitGv9mKnF6hMwgfWjfoR/qfIZPK6AF+v3z+by8JUQg3fSUYcltK4=
x-amz-request-id: WFNFJ5TESSHD3FE6
last-modified: Wed, 18 Jan 2023 20:22:30 GMT
etag: "e97726ab932639fed09971b1d682788c"
x-amz-version-id: umZj.yHws5JPiBHG1j096ELWHEKx7rh0
content-type: application/javascript
server: AmazonS3
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Sat, 04 Feb 2023 14:48:12 GMT
via: 1.1 varnish
x-served-by: cache-bma1627-BMA
x-cache: HIT
x-cache-hits: 277
x-timer: S1675522092.009690,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 3173
X-Firefox-Spdy: h2
www.salesmanago.pl/api/vc.json?s=cgdoykq263su4khq
91.227.202.201200 OK 2.0 kB URL HTTP/2 www.salesmanago.pl/api/vc.json?s=cgdoykq263su4khq
IP 91.227.202.201:0
File type JSON data\012- , ASCII text, with very long lines (4274), with no line terminators
Hash 8465b4032d8f9a395a4ee1088143c271
ba0ebd6be74b943430007550bdfa8bf312f84a54
ac05f238ba6ab17e93cfe19bfb7f4ec97d99d009e45f3209463957af2e0b93a0
GET /api/vc.json?s=cgdoykq263su4khq HTTP/1.1
Host: www.salesmanago.pl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://birk.no
Connection: keep-alive
Referer: https://birk.no/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 04 Feb 2023 14:48:11 GMT
server: Apache
vary: Origin,Accept-Encoding,Access-Control-Request-Method,Access-Control-Request-Headers
access-control-allow-origin: *
cache-control: max-age=1
expires: Sat, 04 Feb 2023 14:48:12 GMT
content-encoding: gzip
content-type: application/json;charset=utf-8
strict-transport-security: max-age=31540000
set-cookie: SERVERID=A; path=/
X-Firefox-Spdy: h2
static.hotjar.com/c/hotjar-775571.js?sv=6
54.230.111.39200 OK 6.1 kB URL HTTP/2 static.hotjar.com/c/hotjar-775571.js?sv=6
IP 54.230.111.39:0
File type Unicode text, UTF-8 text, with very long lines (7459)
Hash 899ee716dd13c502bae4b86fd0e3df93
95693da01100857be00edf7e228461355d1aa3f0
1a868b8f7e676f2e13ac20951910b05681efcb3cb3a36147dda6255dc85fbcaa
GET /c/hotjar-775571.js?sv=6 HTTP/1.1
Host: static.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://birk.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
content-encoding: br
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=2592000; includeSubDomains
x-cache-hit: 1
x-content-type-options: nosniff
date: Sat, 04 Feb 2023 14:48:11 GMT
cache-control: max-age=60
etag: W/839edea3b1975e12af8e6ccbc955890d
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 15d199af49035dc206cb81292fd87de2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: DIcLbG9q3h85hcnBQxU5YQbFRN5RhEqWfqZ1U3_ZIcHVlSvIkg4tiQ==
age: 50
X-Firefox-Spdy: h2
js-agent.newrelic.com/885.95d4308d-1222.js
151.101.194.137200 OK 5.9 kB URL HTTP/2 js-agent.newrelic.com/885.95d4308d-1222.js
IP 151.101.194.137:0
File type ASCII text, with very long lines (16348), with no line terminators
Hash 2414f7dbfd0e2cb3d826fc02a8b608dc
550db9b7abbcd2e5a0d4ab9c414933e1a0bd36fc
8239519b8bff793ad186f4ab9017f8a6ed34edc1df3361958075077ee7677b3d
GET /885.95d4308d-1222.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://birk.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: iuZsFv406u1sMvs0ma20vGvuMApZWTFFZj+faC5P7Ry157RP7v+m+H8/pYueXH7fkGpYpHbtGFk=
x-amz-request-id: 99ZMGE3ZKMAWH9CW
last-modified: Wed, 18 Jan 2023 20:22:30 GMT
etag: "fb9bb822463bccec4200657d3ae33dc0"
x-amz-version-id: PKmhKUoshrjILDxYc6QEKM_sGJ.F4FNB
content-type: application/javascript
server: AmazonS3
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Sat, 04 Feb 2023 14:48:12 GMT
via: 1.1 varnish
x-served-by: cache-bma1627-BMA
x-cache: HIT
x-cache-hits: 74
x-timer: S1675522092.025819,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 5930
X-Firefox-Spdy: h2
js-agent.newrelic.com/41.95d4308d-1222.js
151.101.194.137200 OK 439 B URL HTTP/2 js-agent.newrelic.com/41.95d4308d-1222.js
IP 151.101.194.137:0
File type ASCII text, with very long lines (828), with no line terminators
Hash 46946da829a2257cd8bdeb75bc6f8ff9
bfb81d0ebb2c5a2c0fe666f6a9c4c09cc5a545b3
50e164f0b5274f88ecc28c833729663593b3380aed5a4ac3a06d29106332a544
GET /41.95d4308d-1222.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://birk.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: 2TG7kVMnt5x5EwbcjDgF/pAaH/jmgGXStlMFEbvOUPNYaRTe14pFRmwb0VQGFJQN7uXfEncHoqkNLs4TYWl92Q==
x-amz-request-id: MFEHG5GPGK6ZYQVP
last-modified: Wed, 18 Jan 2023 20:22:30 GMT
etag: "29dd8aef66100e4c69e07fd60fc88b12"
x-amz-version-id: 6FOFyXAonMoqJqLGEMhx7HWIp32cv4MT
content-type: application/javascript
server: AmazonS3
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Sat, 04 Feb 2023 14:48:12 GMT
via: 1.1 varnish
x-served-by: cache-bma1627-BMA
x-cache: HIT
x-cache-hits: 275
x-timer: S1675522092.028028,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 439
X-Firefox-Spdy: h2
js-agent.newrelic.com/142.95d4308d-1222.js
151.101.194.137200 OK 880 B URL HTTP/2 js-agent.newrelic.com/142.95d4308d-1222.js
IP 151.101.194.137:0
File type ASCII text, with very long lines (2014), with no line terminators
Hash c962fb555005bf74b5010cd5c748c721
5c7c22b348a994aad18e8162bb1f78b9fd49c491
077c18d946bf505b4efe75b1b3c3d9c6b3ad6af3e5b5d08a41fedf7aceb84233
GET /142.95d4308d-1222.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://birk.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: /ZtX43ynOvSaYlrJ/LhlDymHqsr4/Ext49IQ1RQZxLK2MPDMHv59yC5Li6+9oNRuTnKxUqkvJhI=
x-amz-request-id: MFEMFHWSJ1CY7RPR
last-modified: Wed, 18 Jan 2023 20:22:30 GMT
etag: "082c9f0a95ce6870ed4d9266fa0e41e5"
x-amz-version-id: ed_.QNbbUDaLQJRSZtC0TghsoJcp2gVk
content-type: application/javascript
server: AmazonS3
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Sat, 04 Feb 2023 14:48:12 GMT
via: 1.1 varnish
x-served-by: cache-bma1627-BMA
x-cache: HIT
x-cache-hits: 142
x-timer: S1675522092.028875,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 880
X-Firefox-Spdy: h2
js-agent.newrelic.com/244.95d4308d-1222.js
151.101.194.137200 OK 2.6 kB URL HTTP/2 js-agent.newrelic.com/244.95d4308d-1222.js
IP 151.101.194.137:0
File type ASCII text, with very long lines (6871), with no line terminators
Hash f3fa38d9e10cf246f158644ebd64b342
c2730a8b130475b903b30148ea5cf79eb7de1873
6aea0ff08f0ed145b42d52f81d167df30a300f3da22b687fa2de3be48df1badb
GET /244.95d4308d-1222.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://birk.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: HqAuLbtc4kLXjp/HM/sZyPqsDbRk1eMZXQl1gAv0l9/yRrGf//JiuVcahDTT5bis4NqiPxfG4OQ=
x-amz-request-id: D866GB1QGPTYVJ4R
last-modified: Wed, 18 Jan 2023 20:22:30 GMT
etag: "a24fd7e602a6b44ab4c03cab69c843c6"
x-amz-version-id: wm7C04ehQ1WMJgMW5R_.Vg0x6NJINoji
content-type: application/javascript
server: AmazonS3
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Sat, 04 Feb 2023 14:48:12 GMT
via: 1.1 varnish
x-served-by: cache-bma1627-BMA
x-cache: HIT
x-cache-hits: 141
x-timer: S1675522092.028904,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 2607
X-Firefox-Spdy: h2
js-agent.newrelic.com/466.95d4308d-1222.js
151.101.194.137200 OK 2.8 kB URL HTTP/2 js-agent.newrelic.com/466.95d4308d-1222.js
IP 151.101.194.137:0
File type ASCII text, with very long lines (6842), with no line terminators
Hash 0545743760ba9995e8efbe879105162f
889887ac56edaf2cfe41752ec0893a9ac5d23db0
91a431e85d69e797b8a8817bb15aee94a9fbe38355a6890f75e8947a55386ee0
GET /466.95d4308d-1222.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://birk.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: Y3xfvlvSw36CE9GOKklvJeG0iBkCsl/ss+e4vNwZhrKvjIdjtQLayCw3yQPVxbIyEllIzLdCgUw=
x-amz-request-id: MFEHC9QF926X2AZG
last-modified: Wed, 18 Jan 2023 20:22:30 GMT
etag: "2b339e4b3b0435de10496ee00de8446a"
x-amz-version-id: joCLqMlafBXUuB094SKQ5Jhlrbz7F.ON
content-type: application/javascript
server: AmazonS3
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Sat, 04 Feb 2023 14:48:12 GMT
via: 1.1 varnish
x-served-by: cache-bma1627-BMA
x-cache: HIT
x-cache-hits: 141
x-timer: S1675522092.028862,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 2760
X-Firefox-Spdy: h2
www.salesmanago.pl/api/vs?location=birk.no&referrer=https%3A%2F%2Fno-go.kelkoogroup.net%2F
91.227.202.201200 OK 2.2 kB URL HTTP/2 www.salesmanago.pl/api/vs?location=birk.no&referrer=https%3A%2F%2Fno-go.kelkoogroup.net%2F
IP 91.227.202.201:0
File type JSON data\012- , ASCII text, with very long lines (4711), with no line terminators
Hash 139020f8c613ae445582827c04f9c745
6b6111308c6b3672e8c4b914224dca941751b865
922b38b06399b88e9193fb97e24f0c7ed6cd40faf4b793b3bf204128105f22be
GET /api/vs?location=birk.no&referrer=https%3A%2F%2Fno-go.kelkoogroup.net%2F HTTP/1.1
Host: www.salesmanago.pl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://birk.no
Connection: keep-alive
Referer: https://birk.no/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 04 Feb 2023 14:48:11 GMT
server: Apache
access-control-allow-origin: *
cache-control: max-age=1
expires: Sat, 04 Feb 2023 14:48:12 GMT
vary: Accept-Encoding
content-encoding: gzip
content-type: application/json;charset=UTF-8
strict-transport-security: max-age=31540000
set-cookie: SERVERID=B; path=/
X-Firefox-Spdy: h2
vars.hotjar.com/box-e031119f9e9e307a08fa610f85dbfb52.html
143.204.55.118200 OK 1.0 kB URL HTTP/2 vars.hotjar.com/box-e031119f9e9e307a08fa610f85dbfb52.html
IP 143.204.55.118:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2368), with no line terminators
Hash 112fdf47cdb80b9ce3d033ed09717460
3898efa86cbf1b64dc41a90a110ed5afd6f2ae13
3bfb2e882091d872eece2eee40084183a5fcb0a7ed98c1b004850751260a4cbb
GET /box-e031119f9e9e307a08fa610f85dbfb52.html HTTP/1.1
Host: vars.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://birk.no/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
content-length: 1034
date: Fri, 03 Feb 2023 13:10:06 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
etag: "112fdf47cdb80b9ce3d033ed09717460"
last-modified: Fri, 03 Feb 2023 13:09:45 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 96c778ce6156d12f24b8b6cdaa0cbf66.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: UGbk3q1149EF-GaSFmp8NdPK4tARkq8Rve2JEpC1jy8cE9mo03FUWA==
age: 92286
X-Firefox-Spdy: h2
www.salesmanago.pl/static/socialProof/style.min.css?184472c6ae4
91.227.202.201200 OK 1.0 kB URL HTTP/2 www.salesmanago.pl/static/socialProof/style.min.css?184472c6ae4
IP 91.227.202.201:0
File type ASCII text, with very long lines (319)
Hash 2fbbba37ca2435a59944e512fe8139f6
ac19ac39884505e144ebc07739fafc5856bc6518
4c085d5856a310884a5788a00321ce1a2fef9663cf61a64a62d6a2cf79ab52b6
GET /static/socialProof/style.min.css?184472c6ae4 HTTP/1.1
Host: www.salesmanago.pl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.salesmanago.pl/api/social/proof/ms/cgdoykq263su4khq/4b50026b-7f80-4223-9a05-e9b2b1bb4500.htm?p=https%3A%2F%2Fbirk.no%2Fpivot-switchblade-29-pro-xo1-blue-fulldemper&dl=ON_PRODUCT_PAGES&rup=false
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 04 Feb 2023 14:48:12 GMT
server: Apache
last-modified: Fri, 27 Jan 2023 05:23:18 GMT
etag: "cc8-5f3381022fd80-gzip"
accept-ranges: bytes
cache-control: max-age=3600, public
expires: Sat, 04 Feb 2023 15:48:12 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 1043
content-type: text/css
strict-transport-security: max-age=31540000
set-cookie: SERVERID=C; path=/
X-Firefox-Spdy: h2
www.salesmanago.pl/api/r.gif?uri=%2Fpivot-switchblade-29-pro-xo1-blue-fulldemper&location=birk.no&uuid=1812d7442d8-b755d9cbef30-4893b9fa-39a3da50-c94a3863-fdaded94a632&referrer=https%3A%2F%2Fno-go.kelkoogroup.net%2F&smid=cgdoykq263su4khq&time=2023-02-04T14%3A48%3A47Z×tamp=1675522127671&session=5&title=404%20Not%20Found&cp=1675522127671&ns=false
91.227.202.201200 OK 2.6 kB URL HTTP/2 www.salesmanago.pl/api/r.gif?uri=%2Fpivot-switchblade-29-pro-xo1-blue-fulldemper&location=birk.no&uuid=1812d7442d8-b755d9cbef30-4893b9fa-39a3da50-c94a3863-fdaded94a632&referrer=https%3A%2F%2Fno-go.kelkoogroup.net%2F&smid=cgdoykq263su4khq&time=2023-02-04T14%3A48%3A47Z×tamp=1675522127671&session=5&title=404%20Not%20Found&cp=1675522127671&ns=false
IP 91.227.202.201:0
File type Unicode text, UTF-8 text, with very long lines (6064)
Hash db16a45549d78e649c3f514134b64844
946dc18adae8e7535191cc001c11cc4ebc555093
bd02284596da7769ed300f311f54fd81bf42c593f4b6340bbceb17776a2895db
GET /api/r.gif?uri=%2Fpivot-switchblade-29-pro-xo1-blue-fulldemper&location=birk.no&uuid=1812d7442d8-b755d9cbef30-4893b9fa-39a3da50-c94a3863-fdaded94a632&referrer=https%3A%2F%2Fno-go.kelkoogroup.net%2F&smid=cgdoykq263su4khq&time=2023-02-04T14%3A48%3A47Z×tamp=1675522127671&session=5&title=404%20Not%20Found&cp=1675522127671&ns=false HTTP/1.1
Host: www.salesmanago.pl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://birk.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 04 Feb 2023 14:48:11 GMT
server: Apache
cache-control: max-age=0
expires: Sat, 04 Feb 2023 14:48:11 GMT
content-type: image/gif;charset=UTF-8
strict-transport-security: max-age=31540000
set-cookie: smg=f629befe-5c88-40bb-81e2-1a2010ed32b9; Max-Age=315360000; Expires=Tue, 01-Feb-2033 14:48:11 GMT; Domain=salesmanago.pl; Path=/
SERVERID=C; path=/
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
bam.eu01.nr-data.net/1/NRJS-66364d03c6561159ae7?a=204441533,207750328&v=1222.PROD&to=MhBSZQoZWkYHVhUKVwtacVIMEVtbSVYMEBcLGkJeDQxRGg9bBQZA&rst=2881&ck=0&s=05e9056fe03cd383&ref=https://birk.no/pivot-switchblade-29-pro-xo1-blue-fulldemper&ap=372&be=1185&fe=900&dc=898&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1675522125164,%22n%22:0,%22f%22:508,%22dn%22:508,%22dne%22:508,%22c%22:508,%22s%22:508,%22ce%22:508,%22rq%22:517,%22rp%22:981,%22rpe%22:984,%22dl%22:987,%22di%22:1235,%22ds%22:1337,%22de%22:1338,%22dc%22:1796,%22l%22:1796,%22le%22:1799%7D,%22navigation%22:%7B%22ty%22:255%7D%7D&fcp=1304&at=HldFE0IDSRlEVENZQxgI&jsonp=NREUM.setToken
185.221.87.23200 OK 49 B URL HTTP/1.1 bam.eu01.nr-data.net/1/NRJS-66364d03c6561159ae7?a=204441533,207750328&v=1222.PROD&to=MhBSZQoZWkYHVhUKVwtacVIMEVtbSVYMEBcLGkJeDQxRGg9bBQZA&rst=2881&ck=0&s=05e9056fe03cd383&ref=https://birk.no/pivot-switchblade-29-pro-xo1-blue-fulldemper&ap=372&be=1185&fe=900&dc=898&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1675522125164,%22n%22:0,%22f%22:508,%22dn%22:508,%22dne%22:508,%22c%22:508,%22s%22:508,%22ce%22:508,%22rq%22:517,%22rp%22:981,%22rpe%22:984,%22dl%22:987,%22di%22:1235,%22ds%22:1337,%22de%22:1338,%22dc%22:1796,%22l%22:1796,%22le%22:1799%7D,%22navigation%22:%7B%22ty%22:255%7D%7D&fcp=1304&at=HldFE0IDSRlEVENZQxgI&jsonp=NREUM.setToken
IP 185.221.87.23:0
ASN #206998 New Relic International Limited
File type ASCII text, with no line terminators
Hash f34efd1229ae6c1fec6c67f7fa8e20f9
477f40b6d9cb8a306b0aca97462caef4ab26cb6f
a83848cf5c3d96caefe490c19e41659609b3691dd4c531cf925016c084d8e1b0
GET /1/NRJS-66364d03c6561159ae7?a=204441533,207750328&v=1222.PROD&to=MhBSZQoZWkYHVhUKVwtacVIMEVtbSVYMEBcLGkJeDQxRGg9bBQZA&rst=2881&ck=0&s=05e9056fe03cd383&ref=https://birk.no/pivot-switchblade-29-pro-xo1-blue-fulldemper&ap=372&be=1185&fe=900&dc=898&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1675522125164,%22n%22:0,%22f%22:508,%22dn%22:508,%22dne%22:508,%22c%22:508,%22s%22:508,%22ce%22:508,%22rq%22:517,%22rp%22:981,%22rpe%22:984,%22dl%22:987,%22di%22:1235,%22ds%22:1337,%22de%22:1338,%22dc%22:1796,%22l%22:1796,%22le%22:1799%7D,%22navigation%22:%7B%22ty%22:255%7D%7D&fcp=1304&at=HldFE0IDSRlEVENZQxgI&jsonp=NREUM.setToken HTTP/1.1
Host: bam.eu01.nr-data.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://birk.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 49
content-type: text/javascript
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
access-control-allow-credentials: true
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-envoy-upstream-service-time: 3
server: istio-envoy
x-timer: S1675522092.184729,VS0,VE23
accept-ranges: bytes
date: Sat, 04 Feb 2023 14:48:12 GMT
via: 1.1 varnish
x-served-by: cache-bma1661-BMA
x-cache: MISS
x-cache-hits: 0
bam.eu01.nr-data.net/resources/1/NRJS-66364d03c6561159ae7?a=204441533,207750328&v=1222.PROD&to=MhBSZQoZWkYHVhUKVwtacVIMEVtbSVYMEBcLGkJeDQxRGg9bBQZA&rst=3091&ck=0&s=05e9056fe03cd383&ref=https://birk.no/pivot-switchblade-29-pro-xo1-blue-fulldemper&st=1675522126349&at=HldFE0IDSRlEVENZQxgI
185.221.87.23200 OK 36 B URL HTTP/1.1 bam.eu01.nr-data.net/resources/1/NRJS-66364d03c6561159ae7?a=204441533,207750328&v=1222.PROD&to=MhBSZQoZWkYHVhUKVwtacVIMEVtbSVYMEBcLGkJeDQxRGg9bBQZA&rst=3091&ck=0&s=05e9056fe03cd383&ref=https://birk.no/pivot-switchblade-29-pro-xo1-blue-fulldemper&st=1675522126349&at=HldFE0IDSRlEVENZQxgI
IP 185.221.87.23:0
ASN #206998 New Relic International Limited
File type ASCII text, with no line terminators
Hash 946c2cdcd483ecbabba4feebef766ec8
1c2efba17e52d595305c87ec374cc35ed5c1d79f
10198756939ea03e6c9a8f4e0faaadf082f140af17e664f33a8dc0edd1dbd179
POST /resources/1/NRJS-66364d03c6561159ae7?a=204441533,207750328&v=1222.PROD&to=MhBSZQoZWkYHVhUKVwtacVIMEVtbSVYMEBcLGkJeDQxRGg9bBQZA&rst=3091&ck=0&s=05e9056fe03cd383&ref=https://birk.no/pivot-switchblade-29-pro-xo1-blue-fulldemper&st=1675522126349&at=HldFE0IDSRlEVENZQxgI HTTP/1.1
Host: bam.eu01.nr-data.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: text/plain
Content-Length: 1179
Origin: https://birk.no
Connection: keep-alive
Referer: https://birk.no/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 36
content-type: text/plain
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
access-control-allow-credentials: true
access-control-allow-origin: https://birk.no
x-envoy-upstream-service-time: 0
server: istio-envoy
x-timer: S1675522092.315934,VS0,VE19
accept-ranges: bytes
date: Sat, 04 Feb 2023 14:48:12 GMT
via: 1.1 varnish
x-served-by: cache-bma1661-BMA
x-cache: MISS
x-cache-hits: 0
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 621b586028d5acaf29b8777ca0872ce1
9d2a358576d0acab58e2eacf7765b686cee9181f
a7c99a5217e394c715679780ae1e3e60202653547212b0a4fd2efab0e1a01015
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 14:48:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/recaptcha/api.js?onload=globalOnRecaptchaOnLoadCallback&render=explicit
216.58.211.4200 OK 1.1 kB URL HTTP/2 www.google.com/recaptcha/api.js?onload=globalOnRecaptchaOnLoadCallback&render=explicit
IP 216.58.211.4:0
File type ASCII text, with very long lines (926)
Hash 905d30732689ea10fa180c3ea0b41cfe
94d51cbb88ef893ce53a1ee8f48fce64579c5f50
69ff7938a44e86077903021287da1f10063ea12343a5697ebcbf9c1bda6835e7
GET /recaptcha/api.js?onload=globalOnRecaptchaOnLoadCallback&render=explicit HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://birk.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Sat, 04 Feb 2023 14:48:12 GMT
date: Sat, 04 Feb 2023 14:48:12 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 589
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash c7d887fc3e3b7a68b7872c76802085c0
eb26f820776e7d87a00489eb14f918e5f6945835
915e873e95d8f0276f4763e5596b03cac487f6f8a36c65577c6622fc8560d929
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 14:48:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sca1b.amazontrust.com/
54.230.245.118200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.118:0
Hash 460ac891a4ddc0c19d6919beb9c9dae9
c429982e63c5b47b682e0b5f62c67a9eb1ef94ba
4a2b65d81017c3815630a5c51f479fbd876d54f20c209ba4cd75e7f1503b7029
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sat, 04 Feb 2023 14:48:12 GMT
Last-Modified: Sat, 04 Feb 2023 14:29:06 GMT
Server: ECS (nyb/1D1B)
X-Cache: Miss from cloudfront
Via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 2eFHgNhvMRv6n-zC7w-owG1cIPONN9rdQEmkkKdieIhM47is5KRkYQ==
Age: 1146
www.salesmanago.pl/api/social/proof/ms/ack.htm?shortId=cgdoykq263su4khq&id=4b50026b-7f80-4223-9a05-e9b2b1bb4500
91.227.202.201200 OK 0 B URL HTTP/2 www.salesmanago.pl/api/social/proof/ms/ack.htm?shortId=cgdoykq263su4khq&id=4b50026b-7f80-4223-9a05-e9b2b1bb4500
IP 91.227.202.201:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /api/social/proof/ms/ack.htm?shortId=cgdoykq263su4khq&id=4b50026b-7f80-4223-9a05-e9b2b1bb4500 HTTP/1.1
Host: www.salesmanago.pl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.salesmanago.pl/api/social/proof/ms/cgdoykq263su4khq/4b50026b-7f80-4223-9a05-e9b2b1bb4500.htm?p=https%3A%2F%2Fbirk.no%2Fpivot-switchblade-29-pro-xo1-blue-fulldemper&dl=ON_PRODUCT_PAGES&rup=false
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 04 Feb 2023 14:48:12 GMT
server: Apache
content-length: 0
cache-control: max-age=0
expires: Sat, 04 Feb 2023 14:48:12 GMT
content-type: text/html
strict-transport-security: max-age=31540000
set-cookie: SERVERID=C; path=/
X-Firefox-Spdy: h2
bam.eu01.nr-data.net/events/1/NRJS-66364d03c6561159ae7?a=204441533,207750328&v=1222.PROD&to=MhBSZQoZWkYHVhUKVwtacVIMEVtbSVYMEBcLGkJeDQxRGg9bBQZA&rst=3363&ck=0&s=05e9056fe03cd383&ref=https://birk.no/pivot-switchblade-29-pro-xo1-blue-fulldemper&ptid=ce81bd56-0001-b853-3b96-01861ce62d25
185.221.87.23200 OK 1.1 kB URL HTTP/1.1 bam.eu01.nr-data.net/events/1/NRJS-66364d03c6561159ae7?a=204441533,207750328&v=1222.PROD&to=MhBSZQoZWkYHVhUKVwtacVIMEVtbSVYMEBcLGkJeDQxRGg9bBQZA&rst=3363&ck=0&s=05e9056fe03cd383&ref=https://birk.no/pivot-switchblade-29-pro-xo1-blue-fulldemper&ptid=ce81bd56-0001-b853-3b96-01861ce62d25
IP 185.221.87.23:0
ASN #206998 New Relic International Limited
Hash bb6081e1ffe937ceec8ffc4f5d4e7e86
ba2fe894269a29af60a02b9043489a08e04cef10
9aca380399658257361b1283c4fcfea088f4899624e9de8c65317e7cd13cb96e
POST /events/1/NRJS-66364d03c6561159ae7?a=204441533,207750328&v=1222.PROD&to=MhBSZQoZWkYHVhUKVwtacVIMEVtbSVYMEBcLGkJeDQxRGg9bBQZA&rst=3363&ck=0&s=05e9056fe03cd383&ref=https://birk.no/pivot-switchblade-29-pro-xo1-blue-fulldemper&ptid=ce81bd56-0001-b853-3b96-01861ce62d25 HTTP/1.1
Host: bam.eu01.nr-data.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: text/plain
Content-Length: 217
Origin: https://birk.no
Connection: keep-alive
Referer: https://birk.no/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 24
content-type: image/gif
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
access-control-allow-credentials: true
access-control-allow-origin: https://birk.no
x-envoy-upstream-service-time: 1
server: istio-envoy
x-timer: S1675522093.597637,VS0,VE20
accept-ranges: bytes
date: Sat, 04 Feb 2023 14:48:12 GMT
via: 1.1 varnish
x-served-by: cache-bma1661-BMA
x-cache: MISS
x-cache-hits: 0
www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/recaptcha__en.js
142.250.74.35200 OK 164 kB URL HTTP/2 www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/recaptcha__en.js
IP 142.250.74.35:0
File type ASCII text, with very long lines (633)
Size 164 kB (163841 bytes)
Hash fe98364486b3206867b17008f995646f
35a5e9aa210970f7abd718d99e629c6982a3cc02
1fd703cb16e3f6f3f7192109d19c69d6e5ac1cfa0feb5b105a86564b7970d28a
GET /recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://birk.no
Connection: keep-alive
Referer: https://birk.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 163841
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 31 Jan 2023 08:53:11 GMT
expires: Wed, 31 Jan 2024 08:53:11 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 31 Jan 2023 02:51:47 GMT
content-type: text/javascript
age: 366901
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash b6b2b48039e3fd0de7b90a1ebcafd1c4
0881f0f16b2deea7b06143515ec5dc06b3d1630b
d173152c46d026e2b71dd3f00b59a794ba49b3f2127daec89e16cefac9928f2e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=151606
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 14:48:12 GMT
Etag: "63de1d62-117"
Expires: Mon, 06 Feb 2023 08:54:58 GMT
Last-Modified: Sat, 04 Feb 2023 08:54:58 GMT
Server: nginx
Content-Length: 279
in.hotjar.com/api/v2/client/sites/775571/visit-data?sv=6
3.248.90.71200 OK 248 kB URL HTTP/2 in.hotjar.com/api/v2/client/sites/775571/visit-data?sv=6
IP 3.248.90.71:0
File type JSON data\012- , ASCII text, with no line terminators
Size 248 kB (248514 bytes)
Hash 62eafc91c32d2b8f18ac94177fc32922
53b70eb248617417b6a1902a1b0c8c0cd5b033f7
9da7794e82aab4e20ca5512b48a69286cfa55594f1bf6b61e330331205e4a3fd
POST /api/v2/client/sites/775571/visit-data?sv=6 HTTP/1.1
Host: in.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain; charset=UTF-8
Content-Length: 130
Origin: https://birk.no
Connection: keep-alive
Referer: https://birk.no/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 04 Feb 2023 14:48:12 GMT
content-type: application/json
vary: Accept-Encoding
cache-control: no-cache, no-store
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-max-age: 86400
content-encoding: br
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.118200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.118:0
Hash ed31425d6e6bede1e7d316b969c7186a
00518d869c33322c1d262bc6300a4b731848ff0b
ab29a92e76ed593c517f657148cdd106bfdbea7b167486df0dd4ad00981a9fdb
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sat, 04 Feb 2023 14:48:13 GMT
Last-Modified: Sat, 04 Feb 2023 13:14:34 GMT
Server: ECS (bsa/EB20)
X-Cache: Miss from cloudfront
Via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: EaQo9R8Hl6kxUJqwD4w_6GGhB8b6sEsjgxCHJDqFRo9JLRZqI10kwg==
Age: 5619
widget-mediator.zopim.com/s/W/ws/Zj8akzjCUrV5SY9N/c/1675522129576
35.157.85.153101 Switching Protocols 0 B URL HTTP/1.1 widget-mediator.zopim.com/s/W/ws/Zj8akzjCUrV5SY9N/c/1675522129576
IP 35.157.85.153:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /s/W/ws/Zj8akzjCUrV5SY9N/c/1675522129576 HTTP/1.1
Host: widget-mediator.zopim.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://birk.no
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: YFFoAdBTkx8YXUKmbKXJmQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Date: Sat, 04 Feb 2023 14:48:13 GMT
Connection: upgrade
Set-Cookie: AWSALB=9wNASotnjYmFtC4D0/wntC/OU5KQT76n5PX2F5y5zJ0/Fq2hHPLGgUnX+QtQOhKTJjjjoiEStjcXDnzia2XaZZxxT/jKV/GYnNBTAhP+05jv8aDis6sGMxbAiTs7; Expires=Sat, 11 Feb 2023 14:48:13 GMT; Path=/
AWSALBCORS=9wNASotnjYmFtC4D0/wntC/OU5KQT76n5PX2F5y5zJ0/Fq2hHPLGgUnX+QtQOhKTJjjjoiEStjcXDnzia2XaZZxxT/jKV/GYnNBTAhP+05jv8aDis6sGMxbAiTs7; Expires=Sat, 11 Feb 2023 14:48:13 GMT; Path=/; SameSite=None; Secure
Upgrade: websocket
Sec-WebSocket-Accept: au2q5qIsXzHi6lo5ypB3IbXxEFc=
Sec-WebSocket-Version: 13
WebSocket-Server: uWebSockets
static.zdassets.com/web_widget/latest/classic/web-widget-chat-incoming-message-notification-34c91d3.js
104.18.72.113200 OK 20 kB URL HTTP/2 static.zdassets.com/web_widget/latest/classic/web-widget-chat-incoming-message-notification-34c91d3.js
IP 104.18.72.113:0
File type ASCII text, with no line terminators
Hash 7ecbeb9fbae3abfe6ebd258f7d0b9ad3
c51d653cfe5d82402b6d029ad66022cc42cbe190
5dc737f70ad8bc7f9aa0e601985b1c5fba3120f71f3bb29387c12b1df54b5059
GET /web_widget/latest/classic/web-widget-chat-incoming-message-notification-34c91d3.js HTTP/1.1
Host: static.zdassets.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 04 Feb 2023 14:48:14 GMT
content-type: application/javascript; charset=utf-8
x-amz-id-2: cJPl58f1Z/0sqIdUecCLv4quM2PK+wq3pTKGh7joMMBk9lLWnDUnJx2V9E5xs0ZBmxG5+X67qmQiDkGQA6Ym8Q==
x-amz-request-id: 8SC6VZS6VZW7TZQH
x-amz-replication-status: COMPLETED
last-modified: Mon, 30 Jan 2023 01:11:44 GMT
etag: W/"659635f5ad1b6653645380f46aa42236"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=31536000
expires: Tue, 30 Jan 2024 01:11:43 GMT
x-amz-version-id: xcNPO7Jko.vSxuLt0DB2ypeRYH_2idj5
cf-cache-status: HIT
age: 291919
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FNIGxswhamUlECvw29GZBCKI7Vv1FoTVijtHrwniZ76%2FVlvWhUJlAs3qmvs8FYgqXuxkQpJvZEefeohbu44BPNApiH7EE2O6bmddD2FTKVMfpgxwU5IwbHn%2Fsg5lfh%2FphRQZ89E%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=0
server: cloudflare
cf-ray: 794434c02f1fb527-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.salesmanago.pl/api/push/notification/consent/displaySettings.json?id=5a954740-7a88-4184-a47f-8dbee7dcd330
91.227.202.201200 OK 1.1 kB URL HTTP/2 www.salesmanago.pl/api/push/notification/consent/displaySettings.json?id=5a954740-7a88-4184-a47f-8dbee7dcd330
IP 91.227.202.201:0
File type JSON data\012- , ASCII text, with very long lines (2377), with no line terminators
Hash e7291234781ee41e6cb6539b41e44605
5dd9640b1badd23cf3889aa509ea424eb9648d91
4403f56f85a619367caa1ee1c7b90cd959171922006ad8ac3086bc193c8f7114
GET /api/push/notification/consent/displaySettings.json?id=5a954740-7a88-4184-a47f-8dbee7dcd330 HTTP/1.1
Host: www.salesmanago.pl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://birk.no
Connection: keep-alive
Referer: https://birk.no/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 04 Feb 2023 14:48:14 GMT
server: Apache
vary: Origin,Accept-Encoding,Access-Control-Request-Method,Access-Control-Request-Headers
access-control-allow-origin: *
cache-control: max-age=0
expires: Sat, 04 Feb 2023 14:48:14 GMT
content-encoding: gzip
content-type: text/plain;charset=ISO-8859-1
strict-transport-security: max-age=31540000
set-cookie: SERVERID=B; path=/
X-Firefox-Spdy: h2
static.zdassets.com/web_widget/latest/classic/web-widget-5324-34c91d3.js
104.18.72.113200 OK 118 kB URL HTTP/2 static.zdassets.com/web_widget/latest/classic/web-widget-5324-34c91d3.js
IP 104.18.72.113:0
File type ASCII text, with very long lines (65536), with no line terminators
Size 118 kB (118122 bytes)
Hash f219e7688b4e6679a92e54d0dfd8e57f
2050036e22f3d601d5d27380071f354ced48e675
08fa3bba50d85bb4f304ece1881602f2cd2fb21d9bfb0cf765644d551a252ea3
GET /web_widget/latest/classic/web-widget-5324-34c91d3.js HTTP/1.1
Host: static.zdassets.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 04 Feb 2023 14:48:13 GMT
content-type: application/javascript; charset=utf-8
x-amz-id-2: kNKtAh5j74VCRQUuSSi1H7gGWEBas+ZMho2E/NRakx2x+qN+2EvUVBkNbiaB2bdjibN4Eb3GEbg=
x-amz-request-id: 8SC131HFWH6HSGCE
x-amz-replication-status: COMPLETED
last-modified: Mon, 30 Jan 2023 01:11:44 GMT
etag: W/"e40ffe6686756f7ae653217693dadaac"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=31536000
expires: Tue, 30 Jan 2024 01:11:43 GMT
x-amz-version-id: 6AuBmSIJ32qDXiB1mw4Drv9aAUt8ZDjH
cf-cache-status: HIT
age: 291920
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DMfLyFIWquXTKz%2FUtC2p1%2Bw4ltsQRwdHW6R00ixtfuwAqSByQ1DNjFYF%2BUWID3U9b9narw4NMp42mS9Scln3EDF4pR9Ejvf5hhq8uSTt%2FFGl9XLdBUi6WHaSy00pxMXn2%2FZ8Juw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=0
server: cloudflare
cf-ray: 794434baafacb527-OSL
content-encoding: br
X-Firefox-Spdy: h2
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
142.250.74.35200 OK 45 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Hash 565ce506190ad3af920b40baf1794cec
ad3cba5d06100e09449a864d3b5e58403b478b3d
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.salesmanago.pl
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 30 Jan 2023 18:52:41 GMT
expires: Tue, 30 Jan 2024 18:52:41 GMT
cache-control: public, max-age=31536000
age: 417334
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.118200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.118:0
Hash 3c645eb34ae873592bf93b26ced7b737
680fc8089ae29f7e7552e90ea08f32a6b366190f
4a1375ad4733b1403d4e84ff3b95c7176fdbe29e714538d7b0eafc9db47c0d14
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sat, 04 Feb 2023 14:48:15 GMT
Last-Modified: Sat, 04 Feb 2023 14:19:49 GMT
Server: ECS (bsa/EB11)
X-Cache: Miss from cloudfront
Via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: gKGdmS0vME4Losp9-nNA40Vs8h7B7CrQbM0wKJR_MZ6jgUrwzQgSog==
Age: 1706
s-img.s3-eu-west-1.amazonaws.com/ool92c3afdpnvquc.png
52.92.16.226200 OK 9.0 kB URL HTTP/1.1 s-img.s3-eu-west-1.amazonaws.com/ool92c3afdpnvquc.png
IP 52.92.16.226:0
File type gzip compressed data, max compression\012- data
Hash ea7b9da7d290eb87482afa4e434d0687
d23dfa809b6b5ae6563effc27287e807c498ee93
3390b52cd2dc282721a7c9a6e48f56c599786dac653accd8e5af17f74dce83b6
GET /ool92c3afdpnvquc.png HTTP/1.1
Host: s-img.s3-eu-west-1.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.salesmanago.pl/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: +8uQ/ZLqQ8JBqdMCwXxRivBBEHsmOZ0zbsXb2svcwT2BYscQm4RjMTJNf3MlqK5qL+KsLEvFEhI=
x-amz-request-id: CZDFJPT0WJP1Q49S
Date: Sat, 04 Feb 2023 14:48:16 GMT
Last-Modified: Thu, 18 Aug 2022 08:13:51 GMT
ETag: "70262d4f38baa30801db0bfceacdc910"
x-amz-version-id: l5HUuuaTrEGv8udayOpnOl4j3jTLsvBw
Accept-Ranges: bytes
Content-Type: application/octet-stream
Server: AmazonS3
Content-Length: 8207
rum-static.pingdom.net/pa-5c6aba1d1872b50016000649.js
104.22.55.104200 OK 0 B URL HTTP/2 rum-static.pingdom.net/pa-5c6aba1d1872b50016000649.js
IP 104.22.55.104:0
GET /pa-5c6aba1d1872b50016000649.js HTTP/1.1
Host: rum-static.pingdom.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://birk.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 04 Feb 2023 14:48:10 GMT
content-type: application/javascript; charset=utf-8
last-modified: Fri, 14 Oct 2022 06:22:28 GMT
vary: Accept-Encoding
etag: W/"63490024-1852"
expires: Sat, 04 Feb 2023 14:53:10 GMT
cache-control: max-age=86400
access-control-allow-origin: *
content-encoding: gzip
cf-cache-status: REVALIDATED
server: cloudflare
cf-ray: 794434aab8d7b50f-OSL
X-Firefox-Spdy: h2
maxcdn.bootstrapcdn.com/font-awesome/latest/css/font-awesome.min.css
104.18.11.207200 OK 0 B URL HTTP/2 maxcdn.bootstrapcdn.com/font-awesome/latest/css/font-awesome.min.css
IP 104.18.11.207:0
GET /font-awesome/latest/css/font-awesome.min.css HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://birk.no/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 04 Feb 2023 14:48:10 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: SE
cdn-edgestorageid: 632, 718
last-modified: Mon, 25 Jan 2021 22:04:56 GMT
cdn-cachedat: 2021-03-10 20:26:23
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cache-control: public, max-age=31919000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-content-type-options: nosniff
cdn-requestid: 41f4151e67d75960478f0826b0345bfe
cdn-cache: HIT
cf-cache-status: HIT
age: 24832894
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 794434a83fe3b4f1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Titillium+Web:400,400i,700,700i&display=swap
142.250.74.106200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Titillium+Web:400,400i,700,700i&display=swap
IP 142.250.74.106:0
GET /css?family=Titillium+Web:400,400i,700,700i&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://birk.no/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 04 Feb 2023 14:48:10 GMT
date: Sat, 04 Feb 2023 14:48:10 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.salesmanago.pl/api/social/proof/ms/cgdoykq263su4khq/4b50026b-7f80-4223-9a05-e9b2b1bb4500.htm?p=https%3A%2F%2Fbirk.no%2Fpivot-switchblade-29-pro-xo1-blue-fulldemper&dl=ON_PRODUCT_PAGES&rup=false
91.227.202.201200 OK 0 B URL HTTP/2 www.salesmanago.pl/api/social/proof/ms/cgdoykq263su4khq/4b50026b-7f80-4223-9a05-e9b2b1bb4500.htm?p=https%3A%2F%2Fbirk.no%2Fpivot-switchblade-29-pro-xo1-blue-fulldemper&dl=ON_PRODUCT_PAGES&rup=false
IP 91.227.202.201:0
GET /api/social/proof/ms/cgdoykq263su4khq/4b50026b-7f80-4223-9a05-e9b2b1bb4500.htm?p=https%3A%2F%2Fbirk.no%2Fpivot-switchblade-29-pro-xo1-blue-fulldemper&dl=ON_PRODUCT_PAGES&rup=false HTTP/1.1
Host: www.salesmanago.pl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://birk.no/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 04 Feb 2023 14:48:11 GMT
server: Apache
access-control-allow-origin: *
cache-control: max-age=0
expires: Sat, 04 Feb 2023 14:48:11 GMT
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html;charset=utf-8
strict-transport-security: max-age=31540000
set-cookie: SERVERID=B; path=/
X-Firefox-Spdy: h2
www.salesmanago.pl/social/visit/counts?shortId=cgdoykq263su4khq&time=1440&key=birk.no%2Fpivot-switchblade-29-pro-xo1-blue-fulldemper&instanceIntId=1
91.227.202.201200 OK 0 B URL HTTP/2 www.salesmanago.pl/social/visit/counts?shortId=cgdoykq263su4khq&time=1440&key=birk.no%2Fpivot-switchblade-29-pro-xo1-blue-fulldemper&instanceIntId=1
IP 91.227.202.201:0
GET /social/visit/counts?shortId=cgdoykq263su4khq&time=1440&key=birk.no%2Fpivot-switchblade-29-pro-xo1-blue-fulldemper&instanceIntId=1 HTTP/1.1
Host: www.salesmanago.pl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.salesmanago.pl/api/social/proof/ms/cgdoykq263su4khq/4b50026b-7f80-4223-9a05-e9b2b1bb4500.htm?p=https%3A%2F%2Fbirk.no%2Fpivot-switchblade-29-pro-xo1-blue-fulldemper&dl=ON_PRODUCT_PAGES&rup=false
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 04 Feb 2023 14:48:12 GMT
server: Apache
cache-control: max-age=1
expires: Sat, 04 Feb 2023 14:48:13 GMT
vary: Accept-Encoding
content-encoding: gzip
content-type: application/json;charset=UTF-8
strict-transport-security: max-age=31540000
set-cookie: SERVERID=A; path=/
X-Firefox-Spdy: h2
api.yadore.com/v2/r?e=KzcwMmQ5eG1RbzJtaUhtRnNXZXRMdm8rMjE4WEtLcnpMRWl6bEtncDBOc1lCL2x4UDhNdnZPRFRaQWw5aEk3aGo5VHdDQU9rN0xNTFZBWlFPRGF4VkNYT2FnYWRQS0h2aGVleE1EUVlLcjBSdjMweTU5VGx0UzFJdXdFbUlrRzluTmp4TFIzS1BFSm1qcmJHbVRpRTdLN0hDUEY0ZHFpeFpOL0hwU0hKNXY2V3RObnRZaFBXem9OMlJBRzVLb3M4L25RcjV4cTRNeG1yUUN0M3NNSmx0RjF0c2lrcXFPd0t3aXZFMjc1bzhmTGdGZnFlbFQvWkVrN0g2SUVrNy9rVTJPTWFPRkRoWHJGTGpKancvblVQTm5qODNMWDRhdEVBdlVQcjdxNlFTeUgzVXkxUzRaUXp6SXZqSnl0QktYQW1TZ282ZnRXMW13RENoK2t4ZHVTRldsZEFudm0xbldXY0YyeVNiL25ONlliR1RMVEhmUTdLV1FzaWcrYjlEbDRqd3RCbG93WWZJT2JRVEg0dHZNdlNkK0VRcDFITHZXNndMUkRVOEE9PQ==&i=zwfJ/QIw8yOMRe2K&placementId=7652dff2ed6df8549015e0bca2c91103
88.99.112.6302 Found 0 B URL HTTP/2 api.yadore.com/v2/r?e=KzcwMmQ5eG1RbzJtaUhtRnNXZXRMdm8rMjE4WEtLcnpMRWl6bEtncDBOc1lCL2x4UDhNdnZPRFRaQWw5aEk3aGo5VHdDQU9rN0xNTFZBWlFPRGF4VkNYT2FnYWRQS0h2aGVleE1EUVlLcjBSdjMweTU5VGx0UzFJdXdFbUlrRzluTmp4TFIzS1BFSm1qcmJHbVRpRTdLN0hDUEY0ZHFpeFpOL0hwU0hKNXY2V3RObnRZaFBXem9OMlJBRzVLb3M4L25RcjV4cTRNeG1yUUN0M3NNSmx0RjF0c2lrcXFPd0t3aXZFMjc1bzhmTGdGZnFlbFQvWkVrN0g2SUVrNy9rVTJPTWFPRkRoWHJGTGpKancvblVQTm5qODNMWDRhdEVBdlVQcjdxNlFTeUgzVXkxUzRaUXp6SXZqSnl0QktYQW1TZ282ZnRXMW13RENoK2t4ZHVTRldsZEFudm0xbldXY0YyeVNiL25ONlliR1RMVEhmUTdLV1FzaWcrYjlEbDRqd3RCbG93WWZJT2JRVEg0dHZNdlNkK0VRcDFITHZXNndMUkRVOEE9PQ==&i=zwfJ/QIw8yOMRe2K&placementId=7652dff2ed6df8549015e0bca2c91103
IP 88.99.112.6:0
ASN #24940 Hetzner Online GmbH
GET /v2/r?e=KzcwMmQ5eG1RbzJtaUhtRnNXZXRMdm8rMjE4WEtLcnpMRWl6bEtncDBOc1lCL2x4UDhNdnZPRFRaQWw5aEk3aGo5VHdDQU9rN0xNTFZBWlFPRGF4VkNYT2FnYWRQS0h2aGVleE1EUVlLcjBSdjMweTU5VGx0UzFJdXdFbUlrRzluTmp4TFIzS1BFSm1qcmJHbVRpRTdLN0hDUEY0ZHFpeFpOL0hwU0hKNXY2V3RObnRZaFBXem9OMlJBRzVLb3M4L25RcjV4cTRNeG1yUUN0M3NNSmx0RjF0c2lrcXFPd0t3aXZFMjc1bzhmTGdGZnFlbFQvWkVrN0g2SUVrNy9rVTJPTWFPRkRoWHJGTGpKancvblVQTm5qODNMWDRhdEVBdlVQcjdxNlFTeUgzVXkxUzRaUXp6SXZqSnl0QktYQW1TZ282ZnRXMW13RENoK2t4ZHVTRldsZEFudm0xbldXY0YyeVNiL25ONlliR1RMVEhmUTdLV1FzaWcrYjlEbDRqd3RCbG93WWZJT2JRVEg0dHZNdlNkK0VRcDFITHZXNndMUkRVOEE9PQ==&i=zwfJ/QIw8yOMRe2K&placementId=7652dff2ed6df8549015e0bca2c91103 HTTP/1.1
Host: api.yadore.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lookandfind.me/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
date: Sat, 04 Feb 2023 14:48:08 GMT
location: https://no-go.kelkoogroup.net/offersearchGo?.ts=1675519080242&.sig=6lY7ZaDvy7dH8DnfMKKQgCc_mwo-&affiliationId=96965886&comId=100508712&country=no&offerId=3d3e48f4cf621de7f365d3e60db53a54&service=37&tokenId=eef84b7f-8e19-45d1-adee-7c88767dc72d&wait=true&addedParams=true&custom1=6c50830229630c236b43a65078373be6c5164c9c6e8139c57fa7c23e75c40421&custom2=SRdytlITOR16&custom3=false
server: nginx
x-powered-by: PHP/8.0.27
X-Firefox-Spdy: h2
birk.no/pivot-switchblade-29-pro-xo1-blue-fulldemper
172.67.69.63404 Not Found 0 B URL HTTP/2 birk.no/pivot-switchblade-29-pro-xo1-blue-fulldemper
IP 172.67.69.63:0
GET /pivot-switchblade-29-pro-xo1-blue-fulldemper HTTP/1.1
Host: birk.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://no-go.kelkoogroup.net/
Connection: keep-alive
Cookie: _sn_m={"r":{"n":0}}; smvr=eyJ2aXNpdHMiOjQsInZpZXdzIjo0LCJ0cyI6MTY1NDUwNzg2MzgzOCwibnVtYmVyT2ZSZWplY3Rpb25CdXR0b25DbGljayI6MCwiaXNOZXdTZXNzaW9uIjpmYWxzZX0=; smuuid=1812d7442d8-b755d9cbef30-4893b9fa-39a3da50-c94a3863-fdaded94a632; _sn_a={"a":{"s":1654507864065,"e":1654507864064},"v":"e0d39435-709f-4bc6-8c60-cfacdc692c7b"}; _hjSessionUser_775571=eyJpZCI6IjJmYWRiM2Y5LTBkZTktNTk5My05ZWJjLTU1NmIwOGRmODNlYyIsImNyZWF0ZWQiOjE2NTQzMjUwMDMwMDUsImV4aXN0aW5nIjp0cnVlfQ==; __zlcmid=1AJkyWyKYyIGhTl; _sn_n={"a":{"i":"e0ef2635-25df-4df3-af1b-b3e928c03ac6"}}; PHPSESSID=h4vcv67iqhkchpr7s8e5jkbtli
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 404 Not Found
date: Sat, 04 Feb 2023 14:48:10 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
set-cookie: PHPSESSID=h4vcv67iqhkchpr7s8e5jkbtli; expires=Sat, 04-Feb-2023 15:48:09 GMT; Max-Age=3600; path=/; domain=birk.no; secure
strict-transport-security: max-age=31536000
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-cache: MISS
x-cache-hits: 0
x-cache-ttl: 119.990
pragma: no-cache
expires: -1
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9WukwctzOJWQdzZ0Mp2%2BcLK3BfsNggNMVogUKdzsLp5Nd%2FihDEeukcuetwJ4uz3HZ6ZTyzulfhBl7qnLEdb5ar5ywW%2FT9A7U1cI5Nwio0EboCKvhT0t3VmE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 794434a4ab510b39-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static.zdassets.com/web_widget/latest/classic/web-widget-chat-sdk-34c91d3.js
104.18.72.113200 OK 0 B URL HTTP/2 static.zdassets.com/web_widget/latest/classic/web-widget-chat-sdk-34c91d3.js
IP 104.18.72.113:0
GET /web_widget/latest/classic/web-widget-chat-sdk-34c91d3.js HTTP/1.1
Host: static.zdassets.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 04 Feb 2023 14:48:13 GMT
content-type: application/javascript; charset=utf-8
x-amz-id-2: 5Q2KsWrkmrWTiYVRLyXyCI/rMs3+B9hjg0s80kwkbyjooUCh5ERMvYHuuJOp3Lj7ZZLHDIYGSG0=
x-amz-request-id: 8SCA84J1BTNRMEF1
x-amz-replication-status: COMPLETED
last-modified: Mon, 30 Jan 2023 01:11:44 GMT
etag: W/"d366c0776c2bacba354d40e564c3d3e6"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=31536000
expires: Tue, 30 Jan 2024 01:11:43 GMT
x-amz-version-id: 7IG5ZMdUlemQ4ejtzcD59BhvR7ULO8qs
cf-cache-status: HIT
age: 291919
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BM1k5FQgMa%2BOXeJVE6YlK%2BpxriuK7aA4DHrcxGrt3PdaVclFySJFWeMzjYgh1LtZevzJ%2F6AuckSAoncI0mbluDs48hxEkhWuCt6oHhiYhs2sFTYeIwreuz9bQKo6h9wigzbu1Z8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=0
server: cloudflare
cf-ray: 794434bc5a28b527-OSL
content-encoding: br
X-Firefox-Spdy: h2
ekr.zdassets.com/compose/68ea044b-62e9-46cc-a5df-f5ed505c65a3
104.18.70.113200 OK 0 B URL HTTP/2 ekr.zdassets.com/compose/68ea044b-62e9-46cc-a5df-f5ed505c65a3
IP 104.18.70.113:0
GET /compose/68ea044b-62e9-46cc-a5df-f5ed505c65a3 HTTP/1.1
Host: ekr.zdassets.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://birk.no
Connection: keep-alive
Referer: https://birk.no/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 04 Feb 2023 14:48:11 GMT
content-type: application/json; charset=utf-8
status: 200 OK
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-expose-headers:
access-control-max-age: 7200
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
cdn-cache-control: max-age=60
cache-control: max-age=600, public, stale-while-revalidate=600, stale-if-error=21600
etag: W/"147a20111baed8158422d59bd1fe88e1"
x-request-id: 79287ecef8e20b4d-SEA, 79287ecef8e20b4d-SEA
x-runtime: 0.004334
vary: Origin, Accept-Encoding
x-zendesk-zorg: yes
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BLUU%2FfiwiJgmu4FEhLdGsUomm1dgXsyr%2B8p4pcujhyB%2BWBnNewPxjGMpQbcBA%2BRKoNcp24lXfaTZfVVJn%2FhdhTXmqfOdn9cRJfKuhbwHEH88zJTJZU4cQCisHLFToiS6gvs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
server: cloudflare
cf-ray: 794434b02db2b4f9-OSL
content-encoding: br
X-Firefox-Spdy: h2
ndt5.net/c/?si=14652&li=1630515&wi=325766&pid=cb6d41c171e2402624ef52e92f1f8372&dl=pivot-switchblade-29-pro-xo1-blue-fulldemper&ws=dc1-kls-prod-ls-03.prod.dc1.kelkoo.net_1675522088919_740171
104.25.147.85301 Moved Permanently 0 B URL HTTP/2 ndt5.net/c/?si=14652&li=1630515&wi=325766&pid=cb6d41c171e2402624ef52e92f1f8372&dl=pivot-switchblade-29-pro-xo1-blue-fulldemper&ws=dc1-kls-prod-ls-03.prod.dc1.kelkoo.net_1675522088919_740171
IP 104.25.147.85:0
GET /c/?si=14652&li=1630515&wi=325766&pid=cb6d41c171e2402624ef52e92f1f8372&dl=pivot-switchblade-29-pro-xo1-blue-fulldemper&ws=dc1-kls-prod-ls-03.prod.dc1.kelkoo.net_1675522088919_740171 HTTP/1.1
Host: ndt5.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no-go.kelkoogroup.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
date: Sat, 04 Feb 2023 14:48:09 GMT
content-type: text/html; charset=UTF-8
location: https://ndt5.net/redirect/global.php?dai_url_domain=www.birk.no&dai_url_add=utm_source%3Ddaisycon%26utm_medium%3Daffiliate%26utm_campaign%3Ddaisycon_325766&dai_url=pivot-switchblade-29-pro-xo1-blue-fulldemper
set-cookie: dci=QhkL05XEXyVmUdc; expires=Mon, 05-Feb-2024 14:48:09 GMT; Max-Age=31622400; path=/; domain=.ndt5.net; secure; HttpOnly; SameSite=None
pdc=QhkL05XEXyVmUdc; expires=Mon, 05-Feb-2024 14:48:09 GMT; Max-Age=31622400; path=/; domain=.ndt5.net; secure; HttpOnly; SameSite=None
ci_14652=ZF4xNjc1NTIyMDg5LGRjaV5RaGtMMDVYRVh5Vm1VZGM%3D; expires=Mon, 05-Feb-2024 14:48:09 GMT; Max-Age=31622400; path=/; domain=.ndt5.net; secure; HttpOnly; SameSite=None
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-expose-headers: P3p, Cache-Control, Expires, Content-Length, Content-Type
cache-control: no-store, no-cache, must-revalidate, max-age=14400
x-xss-protection: 0
expires: Sat, 04 Feb 2023 18:48:09 GMT
x-daisycon-cluster: ApacheContainer-ed25e727ac84-tracking.daisycon.com
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fgo5yC3rgiVK5Yr%2FXk1xfcUgkCQP0bk5wlT8o3%2F7wt7oWur0pGqxs12JhMUTcDyEa6pR2qTDLBU4efT29pOclR3JCjYAvkUVRHFmmfuzE7u788JJlXqtDDtW"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 794434a209b9b527-OSL
X-Firefox-Spdy: h2